Platform: wordpress
Component: advanced-ads
Fixed in: 2.0.15
CVE-2025-13592 is a Remote Code Execution (RCE) vulnerability affecting the Advanced Ads – Ad Manager & AdSense plugin for WordPress. This vulnerability allows authenticated attackers with editor-level permissions or higher to execute arbitrary code on the server. The vulnerability impacts versions 0.0.0 through 2.0.14, and a patch is available in version 2.0.15.
Successful exploitation of CVE-2025-13592 allows an attacker to gain complete control over the WordPress server. This could lead to data breaches, website defacement, malware installation, and further compromise of the underlying system. The attacker needs editor-level permissions, which are commonly granted to content creators and administrators. Given the widespread use of WordPress and the Advanced Ads plugin, this vulnerability has a potentially large attack surface. The ability to execute arbitrary code represents a critical security risk, enabling attackers to bypass standard security controls and escalate their privileges.
CVE-2025-13592 was publicly disclosed on December 29, 2025. The vulnerability's ease of exploitation, coupled with the popularity of the Advanced Ads plugin, suggests a potential for active exploitation. No public proof-of-concept (PoC) code has been observed as of the disclosure date, but the vulnerability's nature makes it likely that PoCs will emerge. The vulnerability is not currently listed on the CISA KEV catalog.
Websites using the Advanced Ads plugin, particularly those with multiple users having editor-level permissions, are at risk. Shared hosting environments where multiple WordPress sites share the same server are also at increased risk, as a compromise of one site could potentially lead to the compromise of others.
• wordpress: Use wp-cli to check the plugin version: wp plugin version advanced-ads. If the version is less than 2.0.15, the system is vulnerable.
• wordpress: Search plugin files for the change-adcontent parameter and any code that processes it without proper sanitization.
• generic web: Monitor web server access logs for requests containing the change-adcontent parameter with unusual or potentially malicious values. Look for patterns indicative of code injection attempts.
• wordpress: Use a security scanner plugin to identify the vulnerability and recommend remediation steps.
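The two checks above that can be automated, the version comparison against the fixed release and the access-log review, as an added example that is not part of this advisory and is not code from the Advanced Ads project. It assumes wp-cli is installed and is run from the WordPress root, reads the version with the wp-cli form `wp plugin get advanced-ads --field=version` (an assumed invocation), and matches the "change-ad" prefix so that both spellings of the parameter used on this page are caught; the log lines are constructed samples.

```shell
#!/bin/sh
# Added example (not part of the advisory, nor code from the Advanced Ads project).
# Two defender-side helpers for the detection steps above:
#   1. decide whether an installed Advanced Ads version predates the 2.0.15 fix;
#   2. surface access-log requests whose query string carries the parameter name.
# Assumptions: wp-cli is installed and the script runs from the WordPress root;
# the log lines in sample_log are constructed, not real traffic.

FIXED_VERSION="2.0.15"

# digits_only STR: keep only 0-9 so a suffix such as "-beta" does not break
# the integer comparison; an empty component is treated as 0 by the caller.
digits_only() {
    printf '%s' "$1" | tr -cd '0-9'
}

# version_lt A B: succeed (exit 0) when dotted version A is lower than B.
version_lt() {
    a="$1"
    b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah="${a%%.*}"   # leading component of A
        bh="${b%%.*}"   # leading component of B
        if [ "$a" = "$ah" ]; then a=""; else a="${a#*.}"; fi
        if [ "$b" = "$bh" ]; then b=""; else b="${b#*.}"; fi
        ah="$(digits_only "$ah")"; ah="${ah:-0}"
        bh="$(digits_only "$bh")"; bh="${bh:-0}"
        if [ "$ah" -lt "$bh" ]; then return 0; fi
        if [ "$ah" -gt "$bh" ]; then return 1; fi
    done
    return 1   # equal versions are not "lower"
}

# is_vulnerable VERSION: print "vulnerable" for anything below the fixed release.
is_vulnerable() {
    if version_lt "$1" "$FIXED_VERSION"; then
        echo vulnerable
    else
        echo patched
    fi
}

# installed_version: read the plugin version through wp-cli
# (assumed invocation: 'wp plugin get <slug> --field=version').
installed_version() {
    wp plugin get advanced-ads --field=version 2>/dev/null
}

# flag_requests: read access-log lines on stdin and print those whose request
# line carries the parameter name. Matching the "change-ad" prefix covers both
# spellings quoted in this advisory; the flagged lines still need a human look.
flag_requests() {
    grep -E '"[A-Z]+ [^"]*change-ad[^"]*"'
}

# count_flagged: number of flagged lines on stdin, as a plain integer (0 when none).
count_flagged() {
    flag_requests | wc -l | tr -d ' '
}

# Constructed sample log (combined format); two of the three requests carry
# the parameter in their query string, the first is an ordinary page view.
sample_log() {
    cat <<'EOF'
203.0.113.10 - - [29/Dec/2025:10:01:02 +0000] "GET /?p=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [29/Dec/2025:10:02:15 +0000] "GET /?change-adcontent=1 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
203.0.113.12 - - [29/Dec/2025:10:03:40 +0000] "POST /wp-admin/admin-ajax.php?change-adcontent=1 HTTP/1.1" 200 61 "-" "Mozilla/5.0"
EOF
}

# Stand-alone run: report on the installed plugin when wp-cli is present,
# then show the log triage on the constructed sample.
if command -v wp >/dev/null 2>&1; then
    ver="$(installed_version)"
    [ -n "$ver" ] && echo "advanced-ads $ver: $(is_vulnerable "$ver")"
fi
echo "Flagged requests in sample log: $(sample_log | count_flagged)"
sample_log | flag_requests || true
```

Run it from the site root, or pipe a real log into `flag_requests` (`flag_requests < /var/log/apache2/access.log`). One caveat for the log step: a shortcode placed in post content travels in the body of a POST to the editor, and combined-format access logs record only the request line and query string, so an absent match in the logs does not clear the site; pair the log review with the version and plugin-file checks.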
disclosure
Exploit Status
EPSS: 0.29% (percentile 52%)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-13592 is to immediately upgrade the Advanced Ads plugin to version 2.0.15 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider restricting access to the 'change-ad__content' shortcode parameter to trusted users only. While not a complete fix, this can reduce the attack surface. Web application firewalls (WAFs) configured to detect and block suspicious requests targeting the shortcode parameter may also provide some protection. After upgrading, verify the plugin's functionality and confirm that the vulnerability is no longer exploitable by attempting to access the affected shortcode with various inputs.
Update to version 2.0.15 or a later fixed version
CVE-2025-13592 is a Remote Code Execution vulnerability in the Advanced Ads WordPress plugin, allowing attackers with editor permissions to execute code on the server.
You are affected if you are using Advanced Ads plugin versions 0.0.0 through 2.0.14 on your WordPress site.
Upgrade the Advanced Ads plugin to version 2.0.15 or later to resolve the vulnerability. Consider restricting access to the vulnerable shortcode parameter as a temporary workaround.
While no active exploitation has been confirmed, the vulnerability's nature suggests a potential for exploitation, and monitoring is recommended.
Refer to the official Advanced Ads plugin website or WordPress plugin repository for the latest security advisory and update information.