CVE-2025-5339 – Adobe Ads Pro Plugin SQL Injection Vulnerability

July 2, 2025

CVE ID : CVE-2025-5339

Published : July 2, 2025, 4:15 a.m. | 5 hours, 26 minutes ago

Description : The Ads Pro Plugin – Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘bsa_pro_id’ parameter in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5746 – WooCommerce Drag and Drop Multiple File Upload Arbitrary File Upload Vulnerability

Next Article CVE-2025-5014 – The Home Villas | Real Estate WordPress Theme File Deletion Vulnerability (Arbitrary File Deletion)

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-5339 – Adobe Ads Pro Plugin SQL Injection Vulnerability

Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

CVE-2025-3955 – “Codeprojects Patient Record Management System SQL Injection Vulnerability”

CVE-2025-27525 – Hitachi JP1/IT Desktop Management 2 – Smart Device Manager Windows Information Exposure Vulnerability

Clario enhances the quality of the clinical trial documentation process with Amazon Bedrock

CVE-2024-55595 – Cisco Webex Meeting Server Unvalidated Redirect

CVE-2025-37090 – HPE StoreOnce Server-Side Request Forgery Vulnerability

CVE-2025-48914 – Drupal COOKiES Consent Management Cross-Site Scripting (XSS)

Le notizie minori del mondo GNU/Linux e dintorni della settimana nr 24/2025

Microsoft built a bloat-free, optimized Windows 11 UI for handheld gaming

CVE-2025-5339 – Adobe Ads Pro Plugin SQL Injection Vulnerability

Related Posts