CVE-2026-2595 in wpquads Quads Ads Manager for Google AdSense Plugin
요약 (영어)
The Quads Ads Manager for Google AdSense plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.98.1 due to insufficient input sanitization and output escaping of multiple ad metadata parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
책임이 있는
Wordfence
예약하다
2026. 02. 16.
공개
2026. 03. 28.
엔트리
| 게시됨 | 기본 | 임시 | 취약성 | CWE | 제품 | 악용 | 대책 | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 2026. 03. 28. | 4.4 | 4.4 | wpquads Quads Ads Manager for Google AdSense Plugin Parameter 크로스 사이트 스크립팅 | 79 | WordPress Plugin | 정의되지 않음 | 정의되지 않음 | 0.00029 | 3.11 | CVE-2026-2595 |