Does AdControl have any unpatched vulnerabilities?

No. All known vulnerabilities in AdControl have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is AdControl compatible with WordPress 5.6.17?

According to WordPress.org data, AdControl 1.5 has been tested up to WordPress 5.6.17. Check the plugin's changelog for the latest compatibility information.

How often is AdControl updated?

AdControl was last updated on Feb 11, 2021. Frequent updates are generally a positive security signal.

What is AdControl's security score?

AdControl has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

AdControl Security & Risk Analysis

wordpress.org/plugins/radcontrol

Harness WordPress.com's advertising partners for your own website.

100 active installs v1.5 PHP + WP 3.4+ Updated Feb 11, 2021

ad-codesadsadvertising

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is AdControl Safe to Use in 2026?

Generally Safe

Score 85/100

AdControl has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The radcontrol plugin v1.5 exhibits a generally strong security posture based on the provided static analysis. The plugin has no known vulnerabilities (CVEs) and a clean history, which is a very positive indicator. The attack surface is minimal, with no unprotected AJAX handlers, REST API routes, or shortcodes, suggesting good access control practices. However, the static analysis does reveal some areas for concern. A significant portion of SQL queries are not using prepared statements, which can open the door to SQL injection vulnerabilities if the data influencing these queries is not meticulously sanitized. While a good number of outputs are properly escaped, the 52% properly escaped rate means the remaining 48% are vulnerable to cross-site scripting (XSS) attacks. The absence of nonce checks on the identified cron event is also a notable weakness that could potentially be exploited.

Key Concerns

Raw SQL queries without prepared statements
Improper output escaping (48% unescaped)
No nonce check on cron events

Vulnerabilities

None known

AdControl Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

AdControl Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

27 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

0% prepared1 total queries

Output Escaping

52% escaped52 total outputs

Attack Surface

AdControl Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 21

actionplugins_loadedadcontrol.php:38

actioninitadcontrol.php:98

actionwp_headadcontrol.php:149

actionwp_headadcontrol.php:150

actionwp_enqueue_scriptsadcontrol.php:151

filterthe_contentadcontrol.php:154

filterthe_excerptadcontrol.php:157

actionwp_footeradcontrol.php:165

actionwp_headadcontrol.php:168

actionadmin_noticesadcontrol.php:555

actionadmin_menuphp\admin.php:46

actionadmin_initphp\admin.php:47

actionadmin_enqueue_scriptsphp\admin.php:48

actionadmin_menuphp\admin.php:50

actionadmin_menuphp\admin.php:52

actionadmin_noticesphp\admin.php:60

actionadmin_noticesphp\admin.php:64

actionadcontrol_cron_statusphp\cron.php:16

actionadmin_menuphp\no-jetpack.php:16

actionadmin_noticesphp\no-jetpack.php:21

actionwidgets_initphp\widgets.php:108

Scheduled Events 1

adcontrol_cron_status

Maintenance & Trust

AdControl Maintenance & Trust

Maintenance Signals

WordPress version tested5.6.17

Last updatedFeb 11, 2021

PHP min version

Downloads23K

Community Trust

Rating100/100

Number of ratings5

Active installs100

Alternatives

AdControl Alternatives

Ad Code Manager

ad-code-manager

100

Manage your ad codes through the WordPress admin safely and easily.

50 No CVEs

Ads.txt Manager

ads-txt

100

Create, manage, and validate your ads.txt and app-ads.txt from within WordPress, like any other content asset.

100K No CVEs

Website Article Monetization By MageNet

website-article-monetization-by-magenet

100

Get additional income from your website or blog by placing text ads automatically.

20K 1 CVE

Website Monetization by MageNet

website-monetization-by-magenet

100

Get additional income from your website or blog by placing text ads automatically.

20K 1 CVE

Meks Easy Ads Widget

meks-easy-ads-widget

Display unlimited number of ads inside your WordPress widget.

10K 1 CVE

Developer Profile

AdControl Developer Profile

Derek Springer

2 plugins · 200 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

8 days

View full developer profile

Detection Fingerprints

How We Detect AdControl

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/adcontrol/css/ac-style.css

Script Paths

//s.pubmine.com/head.js

Version Parameters

adcontrol/css/ac-style.css?ver=

HTML / DOM Fingerprints

Data Attributes

data-cfasync="false"

JS Globals

__ATA_PP__ATA__ATA.cmd__ATA.criteo__ATA.criteo.cmd

FAQ