Does Ad Commander – Ad Manager for Banners, AdSense, Ad Networks have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Ad Commander – Ad Manager for Banners, AdSense, Ad Networks compatible with WordPress 6.9.4?

According to WordPress.org data, Ad Commander – Ad Manager for Banners, AdSense, Ad Networks 1.3.2 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Ad Commander – Ad Manager for Banners, AdSense, Ad Networks compatible with PHP 7.4+?

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Security & Risk Analysis

wordpress.org/plugins/ad-commander

Insert image banner ads, Google AdSense, Amazon, affiliate ad networks. Rotate and randomize. Manage with AI agents. Track impressions and clicks.

100 active installs v1.3.2 PHP 7.4+ WP 6.2+ Updated Apr 9, 2026

adsenseadvertisingagentsbannersrotate

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Safe to Use in 2026?

Generally Safe

Score 100/100

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The Ad Commander plugin, version 1.1.25, exhibits a generally strong security posture based on the static analysis. The plugin demonstrates excellent adherence to secure coding practices, with nearly all SQL queries using prepared statements and a very high percentage of outputs being properly escaped. The absence of dangerous functions, file operations, and a clean vulnerability history with zero recorded CVEs further bolster its perceived security. The limited attack surface, with only two shortcodes and no unprotected AJAX handlers or REST API routes, is a significant strength. However, a single taint flow with an unsanitized path, even if not critical or high severity in this analysis, warrants attention as it represents a potential, albeit likely contained, risk. The presence of external HTTP requests, while not inherently a vulnerability, is a common area for security issues and should be monitored. Overall, the plugin appears well-maintained and conscientiously developed, with minor areas for potential improvement related to the single identified unsanitized path.

The plugin's strengths lie in its proactive use of prepared statements for SQL, comprehensive output escaping, and robust handling of entry points with adequate authorization checks. The lack of any known vulnerabilities is a very positive indicator. The minimal attack surface significantly reduces the potential for attackers to find entry points. The sole identified taint flow is the primary point of concern, highlighting a specific area where input might not be sufficiently validated before being used in a sensitive context. While the analysis indicates no immediate critical or high severity risk from this flow, it's a signal for potential future issues if the plugin evolves without addressing such paths. The external HTTP requests also introduce a slight dependency on the security of external services and the plugin's handling of their responses.

In conclusion, Ad Commander v1.1.25 is a securely developed plugin with a commendable track record. Its adherence to core security principles is evident throughout the static analysis. The absence of historical vulnerabilities suggests a proactive approach to security by the developers. The only notable weakness identified is a single taint flow with an unsanitized path, which, while not currently a high-risk issue, should ideally be rectified to further harden the plugin's security. The plugin's limited attack surface and strong utilization of WordPress security features make it a relatively safe option, but vigilance is always recommended.

Key Concerns

Taint flow with unsanitized path

Vulnerabilities

None known

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Release Timeline

v1.3.2Current

v1.3.1

v1.3.0

v1.2.5

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.28

v1.1.27

v1.1.26

v1.1.25

v1.1.24

v1.1.23

v1.1.22

v1.1.21

v1.1.20

v1.1.19

v1.1.18

Code Analysis

Analyzed Mar 16, 2026

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Code Analysis

Dangerous Functions

Raw SQL Queries

42 prepared

Unescaped Output

618 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

98% prepared43 total queries

Output Escaping

99% escaped622 total outputs

Data Flows · Security

1 unsanitized

Data Flow Analysis

1 flows1 with unsanitized paths

<AdminAdsense> (includes\AdminAdsense.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Attack Surface

Entry Points2

Unprotected0

Shortcodes 2

[adcmdr_ad] includes\functions\frontend.php:175

[adcmdr_group] includes\functions\frontend.php:208

WordPress Hooks 75

actionadmin_initad-commander.php:64

actionplugins_loadedad-commander.php:88

actionadmin_menuincludes\Admin.php:88

actionadmin_menuincludes\Admin.php:89

actionadmin_headincludes\Admin.php:90

actionadmin_enqueue_scriptsincludes\Admin.php:92

actionadmin_print_stylesincludes\Admin.php:93

actionadmin_initincludes\Admin.php:95

actionin_admin_headerincludes\Admin.php:97

actionadmin_noticesincludes\Admin.php:99

filterpre_update_option_adcmdr_addonsincludes\Admin.php:101

filterwp_insert_post_dataincludes\Admin.php:103

actionadmin_initincludes\Admin.php:113

filterwo_repeater_draggable_iconincludes\Admin.php:122

filterwo_repeater_draggable_icon_widthincludes\Admin.php:129

filterwo_repeater_sort_handle_selectorincludes\Admin.php:136

actionupdate_option_adcmdr_adsenseincludes\Admin.php:146

actionhttp_api_curlincludes\Admin.php:153

actionadmin_enqueue_scriptsincludes\AdminAdPostMeta.php:33

actionadmin_enqueue_scriptsincludes\AdminAdPostMeta.php:34

actionedit_form_after_titleincludes\AdminAdPostMeta.php:36

actionadmin_noticesincludes\AdminAdPostMeta.php:40

actionpre_get_postsincludes\AdminAdPostMeta.php:48

actionrestrict_manage_postsincludes\AdminAdPostMeta.php:50

actionrestrict_manage_postsincludes\AdminAdPostMeta.php:51

filterparse_queryincludes\AdminAdPostMeta.php:52

filteradmin_post_thumbnail_htmlincludes\AdminAdPostMeta.php:293

actionload-ad-commander_page_ad-commander-settingsincludes\AdminAdsense.php:39

actionadcmdr_adsense_publisher_id_changedincludes\AdminAdsense.php:46

actionadmin_initincludes\AdminAdsense.php:48

filterposts_whereincludes\AdminAdsense.php:318

actionadmin_noticesincludes\AdminAdsense.php:476

actionadmin_noticesincludes\AdminAdsense.php:480

actionadmin_noticesincludes\AdminAdsense.php:493

actionadmin_noticesincludes\AdminAdsense.php:506

actionset_object_termsincludes\AdminGroupTermMeta.php:39

actionadmin_enqueue_scriptsincludes\AdminGroupTermMeta.php:41

filterquick_edit_enabled_for_taxonomyincludes\AdminGroupTermMeta.php:52

filterpre_get_termsincludes\AdminGroupTermMeta.php:54

actionadmin_enqueue_scriptsincludes\AdminNotifications.php:49

actionedit_form_after_titleincludes\AdminPlacementPostMeta.php:32

actionadmin_enqueue_scriptsincludes\AdminPlacementPostMeta.php:33

actionpre_get_postsincludes\AdminPlacementPostMeta.php:43

actionrestrict_manage_postsincludes\AdminPlacementPostMeta.php:45

filterparse_queryincludes\AdminPlacementPostMeta.php:46

actionadmin_initincludes\AdminReports.php:58

actionadmin_noticesincludes\AdminReports.php:964

actionwp_enqueue_scriptsincludes\AdSense.php:39

filterscript_loader_tagincludes\AdSense.php:40

actioninitincludes\AdsTxt.php:18

actionwpincludes\Amp.php:35

actionamp_post_template_dataincludes\Amp.php:91

actionbunyad_amp_pre_mainincludes\Amp.php:96

actionwp_footerincludes\Amp.php:97

actionamp_post_template_footerincludes\Amp.php:98

actioninitincludes\Block.php:12

actionadmin_enqueue_scriptsincludes\Block.php:13

actionadmin_action_adcmdr-duplicateincludes\Duplicate.php:22

filterpost_row_actionsincludes\Duplicate.php:24

filteradcmdr_duplicate_post_donotcopy_meta_keysincludes\Duplicate.php:27

actioninitincludes\Frontend.php:16

actionwp_enqueue_scriptsincludes\Frontend.php:17

filterfilesystem_methodincludes\Frontend.php:239

actionwp_print_stylesincludes\Frontend.php:307

actioninitincludes\Localize.php:14

actionbefore_delete_postincludes\Maintenance.php:23

actionpre_delete_termincludes\Maintenance.php:24

filterthe_contentincludes\Placement.php:46

actionwp_headincludes\Placement.php:48

actionwp_footerincludes\Placement.php:49

actioninitincludes\PostTypes.php:13

actionafter_setup_themeincludes\PostTypes.php:14

filterposts_whereincludes\Query.php:80

actionwp_footerincludes\TrackingAmp.php:79

actionamp_post_template_footerincludes\TrackingAmp.php:83

Maintenance & Trust

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 9, 2026

PHP min version7.4

Downloads5K

Community Trust

Rating100/100

Number of ratings3

Active installs100

Alternatives

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Alternatives

Ad Commander Tools

ad-commander-tools

Add-on for the Ad Commander plugin that allows you to import, export, and manage ad statistics. This plugin requires Ad Commander.

50 No CVEs

In-Post Ads

adsense-in-post-ads-by-oizuled

A plugin to display ads inside your pages or posts.

600 No CVEs

AdPlugg WordPress Ad Plugin

adplugg

100

Advertising is easy with AdPlugg. The AdPlugg WordPress Ad Plugin and ad server allow you to easily manage, schedule, rotate and track your ads.

500 1 CVE

Ad Buttons

ad-buttons

The Ad Buttons plugin displays a number of graphical ads in a sidebar widget.

100 1 CVE

LexonAds: Free Ad Network – Boost Traffic & Get More Visitors

martins-free-and-easy-ad-network-get-more-visitors

The 100% free alternative to Google Ads and Facebook Ads. Join our global ad exchange network to get more website visitors and boost your visibility a …

100 1 unpatched

Developer Profile

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks Developer Profile

wildoperation

6 plugins · 490 total installs

trust score

Avg Security Score

93/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Ad Commander – Ad Manager for Banners, AdSense, Ad Networks

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/ad-commander/css/admin.css/wp-content/plugins/ad-commander/css/frontend.css/wp-content/plugins/ad-commander/js/admin.js/wp-content/plugins/ad-commander/js/frontend.js

Script Paths

/wp-content/plugins/ad-commander/js/admin.js/wp-content/plugins/ad-commander/js/frontend.js

Version Parameters

ad-commander/css/admin.css?ver=ad-commander/css/frontend.css?ver=ad-commander/js/admin.js?ver=ad-commander/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

adcmdr-ui-sort-icon

Data Attributes

data-adcmdr-iddata-adcmdr-position

JS Globals

ADCMDR_DEBUGadcmdrADCmdr

REST Endpoints

/wp-json/ad-commander/

Shortcode Output

[adcmdr_banner[adcmdr_ad_code

FAQ