CVE-2026-2595 in wpquads Quads Ads Manager for Google AdSense Plugininformação

Sumário (Inglês)

The Quads Ads Manager for Google AdSense plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.98.1 due to insufficient input sanitization and output escaping of multiple ad metadata parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Responsável

Wordfence

Reservar

16/02/2026

Divulgação

28/03/2026

Inscrições

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadeCWEExpConCVE
354074wpquads Quads Ads Manager for Google AdSense Plugin Parameter Script de Site Cruzado79Não definidoNão definidoCVE-2026-2595

Descrição

CPE

CWE

CVSS

Explorações

História

Diferença

Relacionar

Inteligência de ameaças

API JSON

API XML

API CSV

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!