Platform: wordpress
Component: advanced-ads
Fixed version: 2.0.13
CVE-2025-10487 describes a Remote Code Execution (RCE) vulnerability affecting the Advanced Ads – Ad Manager & AdSense plugin for WordPress. This vulnerability allows unauthenticated attackers to execute arbitrary code, potentially leading to complete system compromise and data theft. The issue impacts versions 0.0.0 through 2.0.12, and a patch is available in version 2.0.13.
The impact of this RCE vulnerability is significant. An attacker could leverage it to gain complete control over a WordPress site running the vulnerable plugin. This could involve deploying malware, stealing sensitive data (user credentials, customer information, database contents), modifying website content, or using the compromised site as a launchpad for further attacks against other systems on the network. The ability to call functions like get_the_excerpt demonstrates the potential for information exposure, which could be a precursor to more serious attacks. The unauthenticated nature of the exploit means that no user interaction is required for exploitation.
This vulnerability was publicly disclosed on 2025-11-01. As of this date, there is no indication of active exploitation in the wild, but the ease of exploitation and the plugin's popularity suggest that it could become a target. No Proof-of-Concept (PoC) code has been publicly released, but the vulnerability description provides sufficient detail for attackers to develop their own exploits. It is not currently listed on the CISA KEV catalog.
Websites utilizing the Advanced Ads plugin, particularly those running older versions (0.0.0–2.0.12), are at risk. Shared hosting environments are especially vulnerable, as they often have limited control over plugin updates and security configurations. Sites with sensitive data or those integrated with other critical systems are at higher risk of significant impact.
• wordpress / composer / npm:
grep -r 'select_one()' /var/www/html/wp-content/plugins/advanced-ads/
• wordpress / composer / npm:
wp plugin list --status=all | grep advanced-ads
• wordpress / composer / npm:
wp plugin update advanced-ads --all
• generic web:
curl -I https://your-wordpress-site.com/wp-admin/admin-ajax.php?action=advanced_ads_get_ad_datadisclosure
Exploitation status
EPSS: 0.41% (61st percentile)
CISA SSVC
CVSS vector
The primary mitigation is to immediately upgrade the Advanced Ads plugin to version 2.0.13 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily restricting access to the vulnerable AJAX endpoint. This can be achieved through a WordPress firewall (WAF) or by implementing custom access control rules within the plugin itself (though this requires advanced development skills). Monitor WordPress access logs for suspicious requests targeting the select_one() function. While a direct detection signature is difficult without plugin code access, look for unusual function calls originating from the plugin.
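As an added illustration of the version check and the access-log monitoring described above (this is not code from the advisory or from the plugin), the following Python script flags installed versions below 2.0.13 and picks admin-ajax.php requests carrying an advanced_ads_ action out of Apache combined-format log lines. The log lines and the action name in them are constructed sample values; your site's real action names and log path are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

FIXED_VERSION = (2, 0, 13)  # first patched release named in the advisory

# Constructed Apache combined-log lines; the action name is a sample value.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Nov/2025:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=advanced_ads_get_ad_data&id=7 HTTP/1.1" 200 512 "-" "curl/8.0"',
    '198.51.100.9 - - [01/Nov/2025:10:00:02 +0000] "GET /blog/?p=12 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [01/Nov/2025:10:00:03 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 40 "-" "Mozilla/5.0"',
]

# client IP, timestamp, request line and status code of a combined-format entry
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')


def parse_version(text):
    """Turn '2.0.12' (or '2.0.12-beta1') into a comparable integer tuple."""
    m = re.match(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part or 0) for part in m.groups())


def is_vulnerable(version_text):
    """True for any release below 2.0.13, i.e. the affected 0.0.0-2.0.12 range."""
    return parse_version(version_text) < FIXED_VERSION


def advanced_ads_ajax_hits(log_lines):
    """Return (ip, action, status) for admin-ajax.php requests whose action is in
    the advanced_ads_ namespace. Only actions passed in the query string are
    visible here: a POST body is not written to the access log, so pair this
    with WAF or application-level logging for full coverage."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["path"])
        if not url.path.endswith("/wp-admin/admin-ajax.php"):
            continue
        action = parse_qs(url.query).get("action", [""])[0]
        if action.startswith("advanced_ads_"):
            hits.append((m["ip"], action, int(m["status"])))
    return hits
```

Feed it the version string reported by `wp plugin list` and the site's real access log in place of the constructed samples.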
Update the Advanced Ads plugin to version 2.0.13 or later to mitigate the unauthenticated limited code execution vulnerability. This update corrects the missing access restrictions on an AJAX endpoint, preventing attackers from executing arbitrary functions.
CVE-2025-10487 is a Remote Code Execution vulnerability in the Advanced Ads WordPress plugin, allowing attackers to execute arbitrary code. It affects versions 0.0.0–2.0.12 and is rated HIGH severity.
If you are using Advanced Ads plugin versions 0.0.0 through 2.0.12, you are vulnerable. Check your plugin version and upgrade immediately.
Upgrade the Advanced Ads plugin to version 2.0.13 or later. If immediate upgrade is not possible, restrict access to the vulnerable AJAX endpoint using a WAF or custom rules.
As of 2025-11-01, there is no confirmed active exploitation, but the vulnerability's ease of exploitation makes it a potential target.
Refer to the official Advanced Ads plugin website or WordPress plugin repository for the latest security advisory and update information.