Does Sell Ads have any unpatched vulnerabilities?

No. All known vulnerabilities in Sell Ads have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Sell Ads compatible with WordPress 6.3.8?

According to WordPress.org data, Sell Ads 1.5.2 has been tested up to WordPress 6.3.8. Check the plugin's changelog for the latest compatibility information.

Is Sell Ads compatible with PHP 7.0+?

Sell Ads requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Sell Ads updated?

Sell Ads was last updated on Oct 9, 2023. Frequent updates are generally a positive security signal.

What is Sell Ads's security score?

Sell Ads has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Sell Ads Security & Risk Analysis

wordpress.org/plugins/sell-ads

You want to sell ads? Do you want to sell your ad space easily, directly and without any advertising network? This is exactly the solution of Sell Ads …

10 active installs v1.5.2 PHP 7.0+ WP 5.2+ Updated Oct 9, 2023

ad-manageradsads-txtadsenseamp

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Sell Ads Safe to Use in 2026?

Generally Safe

Score 85/100

Sell Ads has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "sell-ads" plugin version 1.5.2 demonstrates a generally strong security posture based on the provided static analysis. It utilizes prepared statements for all SQL queries, properly escapes all output, and implements nonce and capability checks on its identified entry points. The absence of dangerous functions, file operations, and known vulnerabilities in its history are positive indicators. The plugin also avoids bundling external libraries, which can sometimes introduce vulnerabilities if not kept up-to-date.

However, a significant concern arises from the taint analysis, which identified 4 flows with unsanitized paths among the 5 analyzed. While these were not classified as critical or high severity, unsanitized paths inherently represent a risk of potential injection vulnerabilities. The presence of external HTTP requests, while not inherently a vulnerability, warrants attention as they could be exploited if not handled securely. The limited number of entry points and the fact that they are protected are strengths, but the unsanitized paths in the taint analysis introduce a notable area of concern that requires further investigation.

Overall, the plugin appears to follow good development practices in many areas, particularly regarding database interactions and output handling. Its clean vulnerability history further reinforces this. Nevertheless, the unsanitized path flows in the taint analysis are a significant weakness that could lead to security issues if exploited. A balanced view suggests a plugin with good intentions and practices, but with a critical blind spot in data sanitization for certain internal data flows.

Key Concerns

Unsanitized paths in taint analysis
External HTTP requests present

Vulnerabilities

None known

Sell Ads Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Sell Ads Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

175 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped175 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

5 flows4 with unsanitized paths

wpsap_job_status (inc\campaign_fields.php:350)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Sell Ads Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_wpsap_upload_imageinc\ajax.php:29

noprivwp_ajax_wpsap_upload_imageinc\ajax.php:30

Shortcodes 1

[wpsap_ads] inc\shortcode.php:51

WordPress Hooks 25

actionadd_meta_boxesinc\campaign_fields.php:14

actionsave_post_ads_campaigninc\campaign_fields.php:173

filtermanage_ads_campaign_posts_columnsinc\campaign_fields.php:177

actionmanage_ads_campaign_posts_custom_columninc\campaign_fields.php:190

filtermanage_ads_order_posts_columnsinc\campaign_fields.php:212

actionmanage_ads_order_posts_custom_columninc\campaign_fields.php:229

actionadmin_footerinc\campaign_fields.php:331

actionadmin_initinc\campaign_fields.php:349

actioninitinc\hooks.php:4

actioninitinc\hooks.php:79

actionadmin_headinc\hooks.php:120

filterenter_title_hereinc\hooks.php:163

actionadmin_menuinc\hooks.php:172

actionadmin_footerinc\hooks.php:174

actionsave_postinc\hooks.php:183

actioninitinc\hooks.php:197

actioninitinc\hooks.php:248

actionadmin_footer-post.phpinc\hooks.php:251

actioninitinc\hooks.php:285

actionadmin_footer-post.phpinc\hooks.php:288

actioninitinc\hooks.php:321

actionadmin_footer-post.phpinc\hooks.php:324

actionadmin_menuinc\settings.php:8

actionadmin_initinc\settings.php:9

actionwp_enqueue_scriptswp-sap.php:40

Maintenance & Trust

Sell Ads Maintenance & Trust

Maintenance Signals

WordPress version tested6.3.8

Last updatedOct 9, 2023

PHP min version7.0

Downloads2K

Community Trust

Rating100/100

Number of ratings1

Active installs10

Alternatives

Sell Ads Alternatives

Ad Inserter – Ad Manager & AdSense Ads

ad-inserter

Manage Google AdSense ads, banners, ad rotation, sticky widgets, AMP ads, ads.txt, tracking, header and footer code, PHP code, global custom fields

300K 12 CVEs

Easy Google AdSense

easy-google-adsense

100

Easily add Google AdSense ad code to your WordPress site. Automatically show Google ads optimized for your site at optimal times and increase revenue.

5K No CVEs

Ads.txt Manager

ads-txt

100

Create, manage, and validate your ads.txt and app-ads.txt from within WordPress, like any other content asset.

100K No CVEs

Advanced Ads – Ad Manager & AdSense

advanced-ads

The only complete toolkit for all ad types. Grow your revenue with AdSense, Amazon—or any affiliate network. Get pinpoint targeting and best support!

100K 8 CVEs

AdRotate Banner Manager

adrotate

Easily manage, and schedule ads on your WordPress site with AdRotate. Support for Google AdSense, Amazon, and custom banners. Start monetizing today!

20K 9 CVEs

Developer Profile

Sell Ads Developer Profile

Joe

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Sell Ads

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/sell-ads/css/style.css/wp-content/plugins/sell-ads/js/script.js/wp-content/plugins/sell-ads/inc/page/style.css/wp-content/plugins/sell-ads/inc/page/wp-sap.js

Script Paths

/wp-content/plugins/sell-ads/js/script.js/wp-content/plugins/sell-ads/inc/page/wp-sap.js

Version Parameters

sell-ads/css/style.css?ver=sell-ads/js/script.js?ver=sell-ads/inc/page/style.css?ver=sell-ads/inc/page/wp-sap.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpsap_ads_plugin_ads_boxwpsap_ads_plugin_ads_box_containerwpsap_ads_plugin_ads_box_titlewpsap_ads_plugin_ads_box_btncampaign_information_tabletooltiptooltiptext

Data Attributes

data-href

JS Globals

wpsapAjax

Shortcode Output

[wpsap_ads]

FAQ