Posted by ITAS Team on Apr 05

#Vulnerability title: WordPress plugin Simple Ads Manager – SQL Injection
#Product: WordPress plugin Simple Ads Manager
#Vendor: https://profiles.wordpress.org/minimus/
#Affected version: Simple Ads Manager 2.5.94 and 2.5.96
#Download link: https://wordpress.org/plugins/simple-ads-manager/
#CVE ID: CVE-2015-2824
#Author: Le Hong Minh (minh.h.le () itas vn) & ITAS Team

::PROOF OF CONCEPT::

—SQL INJECTION 1—

+ REQUEST:

POST…