Refine your search
1 vulnerability found for Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords by muzaara
CVE-2024-12159 (GCVE-0-2024-12159)
Vulnerability from cvelistv5
Published
2025-01-07 04:22
Modified
2026-04-08 17:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
The Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.1 due to the print_php_information.php being publicly accessible. This makes it possible for unauthenticated attackers to extract sensitive configuration data that can be leveraged in another attack.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| muzaara | Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords |
Version: 0 ≤ 3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12159",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T15:55:45.536579Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T16:19:30.253Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Optimize Your Campaigns \u2013 Google Shopping \u2013 Google Ads \u2013 Google Adwords",
"vendor": "muzaara",
"versions": [
{
"lessThanOrEqual": "3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joshua Chan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Optimize Your Campaigns \u2013 Google Shopping \u2013 Google Ads \u2013 Google Adwords plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.1 due to the print_php_information.php being publicly accessible. This makes it possible for unauthenticated attackers to extract sensitive configuration data that can be leveraged in another attack."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:24:46.309Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cfeca343-c796-45d5-a71d-8211d8b38b3e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/muzaara-adwords-optimize-dashboard/trunk/lib/muzaara/lib/google-ads-php/scripts/print_php_information.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-06T16:05:34.000Z",
"value": "Disclosed"
}
],
"title": "Optimize Your Campaigns \u2013 Google Shopping \u2013 Google Ads \u2013 Google Adwords \u003c= 3.1 - Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12159",
"datePublished": "2025-01-07T04:22:19.794Z",
"dateReserved": "2024-12-04T14:22:34.700Z",
"dateUpdated": "2026-04-08T17:24:46.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}