CVE-2024-13322 – WordPress Ads Pro Plugin SQL Injection Vulnerability

May 2, 2025

CVE ID : CVE-2024-13322

Published : May 2, 2025, 4:15 a.m. | 3 hours, 5 minutes ago

Description : The Ads Pro Plugin – Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘a_id’ parameter in all versions up to, and including, 4.88 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-13344 – WooCommerce Advance Seat Reservation SQL Injection

Next Article CVE-2025-4179 – Flynax Bridge WordPress Privilege Escalation

Highlights

CVE-2025-48883 – Chrome CSS Selector XSS

May 30, 2025

CVE ID : CVE-2025-48883

Published : May 30, 2025, 7:15 p.m. | 2 hours, 25 minutes ago

Description : Chrome PHP allows users to start playing with chrome/chromium in headless mode from PHP. Prior to version 1.14.0, CSS Selector expressions are not properly encoded, which can lead to XSS (cross-site scripting) vulnerabilities. This is patched in v1.14.0. As a workaround, users can apply encoding manually to their selectors if they are unable to upgrade.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2024-13322 – WordPress Ads Pro Plugin SQL Injection Vulnerability

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

How to Show “My Computer” on Desktop in Windows 11

OneDrive search broken for some users across platforms

CVE-2024-45069 – Apache HTTP Server Remote Code Execution

CVE-2025-53616 – Apache HTTP Server SQL Injection

CVE-2025-48883 – Chrome CSS Selector XSS

CVE-2025-5825 – Autel MaxiCharger AC Wallbox Commercial Firmware Remote Code Execution Vulnerability

LWiAI Podcast #206 – Llama 4, Nova Act, xAI buys X, PaperBench

VideoDubber AI Celebrity Voice Generator

CVE-2024-13322 – WordPress Ads Pro Plugin SQL Injection Vulnerability

Related Posts