WP-Safety

AR Advertising Management Security & Risk Analysis

wordpress.org/plugins/ar-ad-manager

Plugin to manage advertisements on your website. Ultimate Ad Management for WordPress

0 active installs v1.1.5 PHP 8.1+ WP 6.0.0+ Updated Feb 12, 2026
ad-managementadvertisinggeo-targetinggoogle-analyticsresponsive-ads
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is AR Advertising Management Safe to Use in 2026?

Generally Safe

Score 100/100

AR Advertising Management has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago
Risk Assessment

The "ar-ad-manager" plugin v1.1.5 presents a mixed security posture. While it demonstrates good practices such as using prepared statements for all SQL queries and a high percentage of output escaping, there are notable concerns. The presence of two AJAX handlers without authentication checks creates a significant attack surface. Furthermore, the use of `unserialize` is a dangerous function that, if not handled with extreme care and input validation, can lead to remote code execution vulnerabilities. Taint analysis, although indicating no critical or high severity flows with unsanitized paths, did find four flows with unsanitized paths, suggesting potential for issues if inputs are not properly handled before use. The plugin's vulnerability history is clean, with no known CVEs, which is a positive sign but does not negate the risks identified in the static analysis. Overall, the lack of authentication on key entry points and the use of a dangerous function are the primary areas of concern, outweighing the strengths in SQL and output handling.

Key Concerns

  • AJAX handlers without auth checks
  • Dangerous function used: unserialize
  • Taint flows with unsanitized paths
Vulnerabilities
None known

AR Advertising Management Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

AR Advertising Management Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
139
400 escaped
Nonce Checks
4
Capability Checks
4
File Operations
2
External Requests
2
Bundled Libraries
0

Dangerous Functions Found

unserialize$ipData = @unserialize(wp_remote_retrieve_body(wp_remote_get("http://ip-api.com/php/" . $ip)));public\partials\ar-ad-manager-public-ads-process.php:376

Output Escaping

74% escaped539 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

4 flows4 with unsanitized paths
addBannersFilters (admin\partials\ar-ad-manager-types.php:382)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

AR Advertising Management Attack Surface

Entry Points5
Unprotected2

AJAX Handlers 4

authwp_ajax_ar_ad_manager_grid_status_toggleadmin\partials\ar-ad-manager-admin-ajax.php:13
authwp_ajax_ar_ad_manager_grid_adzone_changeadmin\partials\ar-ad-manager-admin-ajax.php:14
authwp_ajax_ar_ad_manager_zone_datapublic\partials\ar-ad-manager-public-ajax.php:13
noprivwp_ajax_ar_ad_manager_zone_datapublic\partials\ar-ad-manager-public-ajax.php:14

Shortcodes 1

[ad_manager_display_adzone] public\partials\ar-ad-manager-public-shortcodes.php:13
WordPress Hooks 19
actionsave_postadmin\partials\ar-ad-manager-css-generator.php:13
actionadmin_noticesadmin\partials\ar-ad-manager-css-generator.php:14
filterredirect_post_locationadmin\partials\ar-ad-manager-css-generator.php:43
actionadd_meta_boxesadmin\partials\ar-ad-manager-meta-box-abstract.php:22
actionsave_postadmin\partials\ar-ad-manager-meta-box-abstract.php:23
actionmanage_posts_custom_columnadmin\partials\ar-ad-manager-types.php:81
actionrestrict_manage_postsadmin\partials\ar-ad-manager-types.php:322
filterparse_queryadmin\partials\ar-ad-manager-types.php:323
actionplugins_loadedincludes\class-ar-ad-manager.php:146
actionadmin_enqueue_scriptsincludes\class-ar-ad-manager.php:160
actionadmin_enqueue_scriptsincludes\class-ar-ad-manager.php:161
actionadmin_menuincludes\class-ar-ad-manager.php:162
actioninitincludes\class-ar-ad-manager.php:163
actioninitincludes\class-ar-ad-manager.php:164
actioninitincludes\class-ar-ad-manager.php:165
actionwp_enqueue_scriptsincludes\class-ar-ad-manager.php:180
actionwp_enqueue_scriptsincludes\class-ar-ad-manager.php:181
actioninitincludes\class-ar-ad-manager.php:182
actionposts_wherepublic\partials\ar-ad-manager-public-find-in-set.php:16
Maintenance & Trust

AR Advertising Management Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedFeb 12, 2026
PHP min version8.1
Downloads1K

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

AR Advertising Management Alternatives

SwiftAd

SwiftAd

swiftad

A
85

Swift Ad lets website administrators easily manage display advertising right from their WordPress website. 

10 No CVEs
MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy)

MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy)

google-analytics-for-wordpress

A
96

The best free Google Analytics plugin for WordPress. See how visitors find and use your website so you can grow your business with powerful analytics.

2.0M 10 CVEs
GTM4WP – A Google Tag Manager (GTM) plugin for WordPress

GTM4WP – A Google Tag Manager (GTM) plugin for WordPress

duracelltomi-google-tag-manager

A
98

Advanced tag management for WordPress with Google Tag Manager

700K 3 CVEs
WP Statistics – Simple, privacy-friendly Google Analytics alternative

WP Statistics – Simple, privacy-friendly Google Analytics alternative

wp-statistics

B
81

Get website traffic insights with GDPR/CCPA compliant, privacy-friendly analytics. Includes visitor data, stunning graphs, and no data sharing.

600K 35 CVEs
PixelYourSite – Your smart PIXEL (TAG) & API Manager

PixelYourSite – Your smart PIXEL (TAG) & API Manager

pixelyoursite

A
89

Add Meta Pixel with Conversion API, Google Analytics (GA4) + Consent Mode, Google Tag Manager, and Head & Footer scripts.

500K 11 CVEs
Developer Profile

AR Advertising Management Developer Profile

CoolS2

1 plugin · 0 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AR Advertising Management

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ar-ad-manager/css/ar-ad-manager-admin.min.css/wp-content/plugins/ar-ad-manager/css/selectize.default.min.css/wp-content/plugins/ar-ad-manager/js/ar-ad-manager-admin.min.js/wp-content/plugins/ar-ad-manager/js/selectize.min.js/wp-content/plugins/ar-ad-manager/mdl/material.indigo-blue.min.css/wp-content/plugins/ar-ad-manager/mdl/material.min.js
Script Paths
/wp-content/plugins/ar-ad-manager/mdl/material.min.js/wp-content/plugins/ar-ad-manager/js/selectize.min.js/wp-content/plugins/ar-ad-manager/js/ar-ad-manager-admin.min.js
Version Parameters
ar-ad-manager/css/ar-ad-manager-admin.min.css?ver=ar-ad-manager/css/selectize.default.min.css?ver=ar-ad-manager/js/ar-ad-manager-admin.min.js?ver=ar-ad-manager/js/selectize.min.js?ver=ar-ad-manager/mdl/material.indigo-blue.min.css?ver=ar-ad-manager/mdl/material.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
ar-wp-ad-manager-advertisingar-ad-manager-wrap
Data Attributes
data-ar-ad-manager
JS Globals
ar_ad_manager_variables
FAQ

Frequently Asked Questions about AR Advertising Management