Scriptsbundle

Adforest

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2026-1729

  • EPSS 0.22%
  • Veröffentlicht 12.02.2026 01:23:42
  • Zuletzt bearbeitet 12.02.2026 15:10:37

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_...

8.1

CVE-2025-67946

  • EPSS 0.17%
  • Veröffentlicht 22.01.2026 16:51:54
  • Zuletzt bearbeitet 28.01.2026 17:16:09

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in scriptsbundle AdForest adforest allows PHP Local File Inclusion.This issue affects AdForest: from n/a through <= 6.0.11.

5.3

CVE-2025-67569

  • EPSS 0.04%
  • Veröffentlicht 09.12.2025 14:14:12
  • Zuletzt bearbeitet 20.01.2026 15:19:24

Missing Authorization vulnerability in scriptsbundle AdForest adforest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AdForest: from n/a through <= 6.0.11.

7.5

CVE-2025-61116

  • EPSS 0.08%
  • Veröffentlicht 30.10.2025 00:00:00
  • Zuletzt bearbeitet 04.11.2025 15:41:56

AdForest - Classified Android App version 4.0.12 (package name scriptsbundle.adforest), developed by Muhammad Jawad Arshad, contains an improper access control vulnerability in its authentication mechanism. The app uses a Base64-encoded email address...

9.8

CVE-2025-8359

  • EPSS 0.53%
  • Veröffentlicht 06.09.2025 02:24:18
  • Zuletzt bearbeitet 08.09.2025 16:25:38

The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.9. This is due to the plugin not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthent...

9.8

CVE-2024-12857

  • EPSS 0.47%
  • Veröffentlicht 22.01.2025 07:15:16
  • Zuletzt bearbeitet 24.01.2025 19:18:01

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8. This is due to the plugin not properly verifying a user's identity prior to logging them in as that user. This makes it possible for ...

9.8

CVE-2024-11350

  • EPSS 0.43%
  • Veröffentlicht 08.01.2025 09:15:06
  • Zuletzt bearbeitet 12.08.2025 16:07:54

The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the ...

5.4

CVE-2024-12855

  • EPSS 0.09%
  • Veröffentlicht 08.01.2025 09:15:06
  • Zuletzt bearbeitet 12.08.2025 16:05:56

The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions like 'sb_remove_ad' in all versions up to, and including, 5.1.7. This makes it possible for authenticated at...

9.8

CVE-2024-11349

  • EPSS 6.51%
  • Veröffentlicht 21.12.2024 05:15:07
  • Zuletzt bearbeitet 12.08.2025 18:59:09

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the sb_login_user_with_otp_fu...