EUVD-2022-30304

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Multiple access control vulnerabilities in StoreApps Affiliate For WooCommerce plugin up to version 4.7.0.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2022-25649	1 Aug 202221:57	–	attackerkb
CNNVD	WordPress plugin Affiliate For WooCommerce 安全漏洞	5 Aug 202200:00	–	cnnvd
CVE	CVE-2022-25649	5 Aug 202215:07	–	cve
Cvelist	CVE-2022-25649 WordPress Affiliate For WooCommerce premium plugin <= 4.7.0 - Multiple Improper Access Control vulnerabilities	5 Aug 202215:07	–	cvelist
NVD	CVE-2022-25649	5 Aug 202216:15	–	nvd
OSV	CVE-2022-25649	5 Aug 202216:15	–	osv
Patchstack	WordPress Affiliate For WooCommerce premium plugin <= 4.7.0 - Multiple Improper Access Control vulnerabilities	1 Aug 202200:00	–	patchstack
Prion	Improper access control	5 Aug 202216:15	–	prion
Positive Technologies	PT-2022-17434 · Woocommerce · Storeapps Affiliate For Woocommerce	5 Aug 202200:00	–	ptsecurity
Vulnrichment	CVE-2022-25649 WordPress Affiliate For WooCommerce premium plugin <= 4.7.0 - Multiple Improper Access Control vulnerabilities	5 Aug 202215:07	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "c78403cd-5a66-3e0b-8219-fb094fb4b935",
        "vendor": {
          "name": "StoreApps"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "9c888d9c-d6c3-3ffe-b8ae-26d63bb678e7",
        "product": {
          "name": "Affiliate For WooCommerce (WordPress plugin)"
        },
        "product_version": "≤ 4.7.0 ≤4.7.0"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/affiliate-for-woocommerce/wordpress-affiliate-for-woocommerce-premium-plugin-4-7-0-multiple-improper-access-control-vulnerabilities
dzv365zjfbd8v	www.dzv365zjfbd8v.cloudfront.net/changelogs/affiliate-for-woocommerce/changelog.txt

03 Oct 2025 20:07Current

8.5High risk

Vulners AI Score8.5

CVSS 3.15 - 8.8

EPSS0.00576

SSVC