20 matches found
EUVD-2026-20427
Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.5.5...
CVE-2026-39715
Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.5.5...
CVE-2026-39715
The CVE-2026-39715 issue affects the WordPress plugin AnyTrack Affiliate Link Manager (versions through 1.5.5). A missing/incorrectly configured authorization control allows exploitation of access levels in the plugin. Affected component: plugin logic governing access control for affiliate links....
CVE-2026-39715 WordPress AnyTrack Affiliate Link Manager plugin <= 1.5.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.5.5...
WordPress plugin AnyTrack Affiliate Link Manager 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-31277
Name of the Vulnerable Software and Affected Versions AnyTrack Affiliate Link Manager versions through 1.5.5 Description A missing authorization issue exists in AnyTrack Affiliate Link Manager, allowing exploitation of incorrectly configured access control security levels. Recommendations Update...
CVE-2022-0398
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to redirect users to an...
EUVD-2025-10776
Malicious code in bioql PyPI...
CVE-2025-31041
Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.0.4...
CVE-2025-31041 WordPress AnyTrack Affiliate Link Manager <= 1.0.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in NotFound AnyTrack Affiliate Link Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AnyTrack Affiliate Link Manager: from n/a through 1.0.4...
CVE-2025-31041
CVE-2025-31041 : The WordPress plugin AnyTrack Affiliate Link Manager is affected up to version 1.0.4 and suffers a Missing Authorization vulnerability. Public data shows a CVSSv3.1 base score of 7.5 (HIGH) with network attack vector, low attack complexity, no privileges required, and no confiden...
CVE-2025-31041 WordPress AnyTrack Affiliate Link Manager plugin <= 1.0.4 - Broken Access Control Vulnerability
Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.0.4...
WordPress AnyTrack Affiliate Link Manager plugin <= 1.0.4 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by timomangcut in WordPress Plugin AnyTrack Affiliate Link Manager versions = 1.0.4...
WordPress plugin ThirstyAffiliates Affiliate Link Manager licensing issue vulnerability (CNVD-2023-06534)
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin ThirstyAffiliates Affiliate Link Manager 3.10.5 previously had a security...
CVE-2022-0398
CVE-2022-0398 affects the WordPress plugin ThirstyAffiliates Affiliate Link Manager (versions
WordPress plugin ThirstyAffiliates 访问控制错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin ThirstyAffiliates Affiliate Link Manager 3.10.5 previously had a security...
WordPress ThirstyAffiliates Affiliate Link Manager plugin <= 3.10.4 - Unauthorized Image Upload + CSRF vulnerabilities
Unauthorized Image Upload + CSRF vulnerabilities discovered by Muhamad Hidayat in WordPress ThirstyAffiliates Affiliate Link Manager plugin versions = 3.10.4. Solution Update the WordPress ThirstyAffiliates Affiliate Link Manager plugin to the latest available version at least 3.10.5...
ThirstyAffiliates Affiliate Link Manager < 3.10.5 - Subscriber+ Arbitrary Affiliate Links Creation
The plugin does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to redirect users to an arbitrary website PoC fetch"/wp-admin/admin-ajax.php", "headers"...
WordPress ThirstyAffiliates Affiliate Link Manager plugin <= 3.10.4 - Arbitrary Affiliate Links Creation vulnerability
Arbitrary Affiliate Links Creation vulnerability discovered by Krzysztof Zając in WordPress ThirstyAffiliates Affiliate Link Manager plugin versions = 3.10.4. Solution Update the WordPress ThirstyAffiliates Affiliate Link Manager plugin to the latest available version at least 3.10.5...
CVE-2021-24127
The CVE-2021-24127 entry affects the WordPress plugin ThirstyAffiliates Affiliate Link Manager, versions before 3.9.3. The issue is an authenticated Stored Cross-Site Scripting (XSS) caused by unvalidated input and lack of output encoding in the plugin, with potential privilege escalation as desc...