Browse all 4 CVE security advisories affecting Broadstreet. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Broadstreet provides digital signage and display management solutions for commercial environments. Historically, the organization has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation flaws in their web-based management interfaces. These issues often stem from insufficient input validation and improper access controls. While no major public security incidents have been widely reported, the presence of four CVEs indicates ongoing security challenges typical in IoT and display management systems. The company's products, which manage content across multiple screens, remain attractive targets for exploitation due to their network exposure and potential for lateral movement within corporate environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-69311 | WordPress Broadstreet Ads plugin <= 1.52.1 - Broken Access Control vulnerability — Broadstreet AdsCWE-862 | 7.6 | High | 2026-01-22 |
| CVE-2025-48113 | WordPress Broadstreet plugin <= 1.51.2 - Cross Site Scripting (XSS) vulnerability — Broadstreet AdsCWE-79 | 6.5 | Medium | 2025-05-16 |
| CVE-2025-32211 | WordPress Broadstreet plugin <= 1.52.1 - Cross Site Scripting (XSS) vulnerability — Broadstreet AdsCWE-79 | 6.5 | Medium | 2025-04-08 |
| CVE-2025-32270 | WordPress Broadstreet plugin <= 1.52.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Broadstreet AdsCWE-352 | 4.3 | Medium | 2025-04-04 |
This page lists every published CVE security advisory associated with Broadstreet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.