CVE-2025-5339 – Adobe Ads Pro Plugin SQL Injection Vulnerability

July 2, 2025

CVE ID : CVE-2025-5339

Published : July 2, 2025, 4:15 a.m. | 5 hours, 26 minutes ago

Description : The Ads Pro Plugin – Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘bsa_pro_id’ parameter in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5746 – WooCommerce Drag and Drop Multiple File Upload Arbitrary File Upload Vulnerability

Next Article CVE-2025-5014 – The Home Villas | Real Estate WordPress Theme File Deletion Vulnerability (Arbitrary File Deletion)

Highlights

CVE-2025-46828 – WeGIA Web Manager SQL Injection Vulnerability

May 7, 2025

CVE ID : CVE-2025-46828

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint `/html/socio/sistema/get_socios.php`, specifically in the query parameter. This issue allows attackers to inject and execute arbitrary SQL statements against the application’s underlying database. As a result, it may lead to data exfiltration, authentication bypass, or complete database compromise. Version 3.3.1 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

The impact of gray work on software development

CSS Intelligence: Speculating On The Future Of A Smarter Language

Your Roku has secret menus and screens – here’s how to unlock them

Add Paramount+, STARZ, and more to your Prime Video account for $0.99 a month – here’s how

My new favorite keychain accessory gives me 2TB of SSD storage instantly

HP’s latest OmniBook finally sold me on the 2-in-1 form factor (and it’s on sale)

Simplifying Stream Handling with Laravel’s resource Method

Simplifying Stream Handling with Laravel’s resource Method

Intelligent Parsing and Formatting of Names in PHP Applications

This Week in Laravel: Cursor Rules, Nightwatch Review, and Race Conditions

Microsoft confirms Windows 11 KB5060829 issues, but you can safely ignore it

Microsoft confirms Windows 11 KB5060829 issues, but you can safely ignore it

Hash Calculator – calculates around 50 cryptographic hashes of strings and files

Rilasciato Thunderbird 140 ESR: Un’attenzione alle esigenze aziendali

CVE-2025-5339 – Adobe Ads Pro Plugin SQL Injection Vulnerability

Apache Tomcat and Camel Vulnerabilities Actively Exploited in The Wild

Grafana releases critical security update for Image Renderer plugin

ConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted Breach

Lizard Squad DDoS-for-hire service hacked – users’ details revealed

Pilz IndustrialPI 4 Alert: Critical Flaws (CVE-2025-41656 CVSS 10.0 RCE, CVE-2025-41648 Auth Bypass) Expose Industrial PCs

Essential Git Command Reference: The Core Operations Every Developer Needs

CVE-2025-46828 – WeGIA Web Manager SQL Injection Vulnerability

GitHub Enterprise Server Vulnerabilities Expose Risk of Code Execution and Data Leaks

Wardrobe is a GNOME customization tool

Mail Notification Tools: 7 Best Free and Open Source Software

CVE-2025-5339 – Adobe Ads Pro Plugin SQL Injection Vulnerability

Related Posts