Does AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more have any unpatched vulnerabilities?

No. All known vulnerabilities in AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more compatible with WordPress 6.7.5?

According to WordPress.org data, AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more 1.6.4 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more compatible with PHP 5.4+?

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more requires PHP 5.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Security & Risk Analysis

wordpress.org/plugins/azo-ads

A powerful tool to manage your ads in WordPress easily. Easy way to embed Google AdSense and other kinds of ad. Cool features and beautiful UI/UX.

100 active installs v1.6.4 PHP 5.4+ WP 4.9+ Updated Jan 10, 2025

adsadsensebannerpopuprotation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Safe to Use in 2026?

Generally Safe

Score 92/100

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The azo-ads plugin v1.6.4 exhibits a generally good security posture with strong adherence to best practices in most areas. The high percentage of properly escaped outputs and prepared SQL statements indicates a developer conscious of common web vulnerabilities. The lack of recorded CVEs, even historically, is a significant positive indicator, suggesting a mature and well-maintained codebase.

However, there are critical areas for concern. The presence of the `unserialize` function, especially when combined with taint analysis revealing two flows with unsanitized paths, presents a substantial risk. If user-controlled data can reach these unserialization points without proper sanitization, it could lead to Remote Code Execution (RCE) vulnerabilities. Furthermore, the discovery of an AJAX handler without an authentication check is a direct pathway for attackers to interact with plugin functionality without authorization, potentially triggering these dangerous code paths or exploiting other weaknesses.

While the plugin has no known CVEs, the identified code signals and taint analysis findings indicate potential vulnerabilities that may not have been publicly disclosed or discovered. The strengths lie in its widespread adoption of secure coding practices, but the identified specific risks, particularly around `unserialize` and the unprotected AJAX handler, necessitate immediate attention.

Key Concerns

AJAX handler without auth check
Taint flows with unsanitized paths (critical)
Dangerous function: unserialize found

Vulnerabilities

None known

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Code Analysis

Dangerous Functions

Raw SQL Queries

10 prepared

Unescaped Output

639 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$visibility_include = unserialize( (string) $aa['aa_visibility_include'] );includes\init.php:81

unserialize$visibility_exclude = unserialize( (string) $aa['aa_visibility_exclude'] );includes\init.php:108

unserialize$targeting_include = unserialize( (string) $aa['aa_targeting_include'] );includes\init.php:134

unserialize$targeting_exclude = unserialize( (string) $aa['aa_targeting_exclude'] );includes\init.php:162

Bundled Libraries

DataTablesSelect2

SQL Query Safety

91% prepared11 total queries

Output Escaping

98% escaped651 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

4 flows2 with unsanitized paths

azoads_duplicate_ads (includes\ajax.php:413)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Attack Surface

Entry Points14

Unprotected1

AJAX Handlers 13

authwp_ajax_azoads_get_value_list_visibilityincludes\ajax.php:8

authwp_ajax_azoads_get_value_list_targetingincludes\ajax.php:163

authwp_ajax_azoads_manage_adsincludes\ajax.php:274

authwp_ajax_azoads_delete_adsincludes\ajax.php:383

authwp_ajax_azoads_duplicate_adsincludes\ajax.php:412

authwp_ajax_azoads_update_ads_statusincludes\ajax.php:470

noprivwp_ajax_azoads_reportincludes\ajax.php:517

authwp_ajax_azoads_reportincludes\ajax.php:518

authwp_ajax_azoads_reports_update_chartincludes\ajax.php:592

authwp_ajax_azoads_save_settingsincludes\ajax.php:613

authwp_ajax_azoads_get_dashboard_newsincludes\ajax.php:677

authwp_ajax_azoads_export_settingsincludes\ajax.php:700

authwp_ajax_azoads_import_settingsincludes\ajax.php:726

Shortcodes 1

[azoads] includes\functions.php:774

WordPress Hooks 20

actionadmin_menuclasses\class-azo-ads-admin-menu.php:17

actionplugins_loadedclasses\class-azo-ads-admin.php:58

filteradmin_footer_textclasses\class-azo-ads-admin.php:59

actionadmin_enqueue_scriptsclasses\class-azo-ads-admin.php:83

actionadmin_enqueue_scriptsclasses\class-azo-ads-admin.php:84

actionadmin_enqueue_scriptsincludes\ajax.php:504

actionwp_enqueue_scriptsincludes\enqueues.php:11

actionazoads_admin_after_ad_updatedincludes\hooks.php:6

actionazoads_admin_after_settings_savedincludes\hooks.php:9

actioninitincludes\init.php:10

actioninitincludes\init.php:57

actionwpincludes\init.php:68

actionsave_postincludes\template-functions.php:6

actionafter_delete_postincludes\template-functions.php:7

filterthe_contentincludes\template-functions.php:9

actioninitincludes\template-functions.php:10

actionthe_postincludes\template-functions.php:11

actionwp_headincludes\template-functions.php:13

actionwp_footerincludes\template-functions.php:15

filterplugin_action_linksincludes\template-functions.php:17

Maintenance & Trust

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 10, 2025

PHP min version5.4

Downloads5K

Community Trust

Rating100/100

Number of ratings4

Active installs100

Alternatives

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Alternatives

Ad Inserter – Ad Manager & AdSense Ads

ad-inserter

Manage Google AdSense ads, banners, ad rotation, sticky widgets, AMP ads, ads.txt, tracking, header and footer code, PHP code, global custom fields

300K 12 CVEs

Quads Ads Manager for Google AdSense

quick-adsense-reloaded

Ads & AdSense plugin supporting Media.net, DFP, ads.txt, Web Stories ads, click fraud protection, revenue sharing, and ad blocker detection.

20K 3 CVEs

Advanced Ads for WPBakery Page Builder

ads-for-visual-composer

Manage ads in your WPBakery Page Builder interface.

1K No CVEs

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks

ad-commander

100

Insert image banner ads, Google AdSense, Amazon, affiliate ad networks. Rotate and randomize ad groups. Track impressions and clicks. Create ads.txt.

100 No CVEs

AD Publisher – Automatically insert post ads

ad-publisher

Automatically publishing ad code and increasing THE ad UNIT AdSense CTR

100 No CVEs

Developer Profile

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Developer Profile

AZO

2 plugins · 100 total installs

trust score

Avg Security Score

96/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/azo-ads/assets/css/admin/select2.min.css/wp-content/plugins/azo-ads/assets/css/admin/datatables.min.css/wp-content/plugins/azo-ads/assets/css/admin/apps.min.css/wp-content/plugins/azo-ads/assets/css/admin/admin.css/wp-content/plugins/azo-ads/assets/css/admin/global.css/wp-content/plugins/azo-ads/assets/js/admin/select2.min.js/wp-content/plugins/azo-ads/assets/js/admin/datatables.min.js/wp-content/plugins/azo-ads/assets/js/admin/admin.js+1 more

Script Paths

/wp-content/plugins/azo-ads/assets/js/admin/select2.min.js/wp-content/plugins/azo-ads/assets/js/admin/datatables.min.js/wp-content/plugins/azo-ads/assets/js/admin/admin.js/wp-content/plugins/azo-ads/assets/js/admin/apps.min.js

Version Parameters

azo-ads/assets/css/admin/select2.min.css?ver=azo-ads/assets/css/admin/datatables.min.css?ver=azo-ads/assets/css/admin/apps.min.css?ver=azo-ads/assets/css/admin/admin.css?ver=azo-ads/assets/css/admin/global.css?ver=azo-ads/assets/js/admin/select2.min.js?ver=azo-ads/assets/js/admin/datatables.min.js?ver=azo-ads/assets/js/admin/admin.js?ver=azo-ads/assets/js/admin/apps.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

azo-ads-dashboard-wrapazoads-main-wrapperazoads-content-wrap

Data Attributes

data-plugin-slug="azo-ads"

JS Globals

AZOADS_VERSIONAZOADS_ADMIN_AJAX_URLAZOADS_ADMIN_URL

FAQ

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Security & Risk Analysis

Is AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Safe to Use in 2026?

Generally Safe

Key Concerns

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Security Vulnerabilities

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Attack Surface

AJAX Handlers 13

Shortcodes 1

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Maintenance & Trust

Maintenance Signals

Community Trust

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Alternatives

Ad Inserter – Ad Manager & AdSense Ads

Quads Ads Manager for Google AdSense

Advanced Ads for WPBakery Page Builder

Ad Commander – Ad Manager for Banners, AdSense, Ad Networks

AD Publisher – Automatically insert post ads

AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more Developer Profile

How We Detect AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about AZO Ads – Video Ad, Banner Ad, Popup Ad, AdSense Ad & much more