CVE-2015-2826
MEDIUMWordPress Simple Ads Manager 2.5.94 and 2.5.96 - Exposure of Sensitive Information
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2015-2826. PoCs published by ITAS Team.
AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in the WordPress plugin Simple Ads Manager. The PoC shows how an unauthenticated attacker can send a POST request to a specific endpoint to disclose sensitive user information.
Description
WordPress Simple Ads Manager plugin 2.5.94 and 2.5.96 allows remote attackers to obtain sensitive information.
Exploits (1)
exploitdb
WORKING POC
by ITAS Team · textwebappsphp
https://www.exploit-db.com/exploits/36615
This exploit demonstrates an information disclosure vulnerability in the WordPress plugin Simple Ads Manager. The PoC shows how an unauthenticated attacker can send a POST request to a specific endpoint to disclose sensitive user information.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
WordPress plugin Simple Ads Manager 2.5.94 and 2.5.96
No auth needed
Prerequisites:
WordPress with Simple Ads Manager plugin installed and vulnerable version active
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/535170/100/1200/threaded
Exploit, Third Party Advisory x_refsource_misc
http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/36615/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/73924
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/131281/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-Information-Disclosure.html
Exploit, Mailing List, Third Party Advisory, VDB Entry mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Apr/10
Scores
CVSS v3
5.3
EPSS
0.1278
EPSS Percentile
95.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (2)
simple_ads_manager_project/simple_ads_manager
2.5.94
simple_ads_manager_project/simple_ads_manager
2.5.96
Published
Sep 20, 2017
Tracked Since
Feb 18, 2026