Lucene search
K

20 matches found

EUVD
EUVD
added 2026/04/08 9:31 a.m.6 views

EUVD-2026-20427

Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.5.5...

5.9AI score0.0018EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.5 views

CVE-2026-39715

Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.5.5...

5.3CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.8 views

CVE-2026-39715

The CVE-2026-39715 issue affects the WordPress plugin AnyTrack Affiliate Link Manager (versions through 1.5.5). A missing/incorrectly configured authorization control allows exploitation of access levels in the plugin. Affected component: plugin logic governing access control for affiliate links....

5.3CVSS5.9AI score0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.1 views

CVE-2026-39715 WordPress AnyTrack Affiliate Link Manager plugin <= 1.5.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.5.5...

5.8AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

WordPress plugin AnyTrack Affiliate Link Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.3 views

PT-2026-31277

Name of the Vulnerable Software and Affected Versions AnyTrack Affiliate Link Manager versions through 1.5.5 Description A missing authorization issue exists in AnyTrack Affiliate Link Manager, allowing exploitation of incorrectly configured access control security levels. Recommendations Update...

5.8AI score0.0018EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.4 views

CVE-2022-0398

The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to redirect users to an...

5.4CVSS6.7AI score0.00303EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-10776

Malicious code in bioql PyPI...

7.5CVSS8.2AI score0.00503EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/13 8:56 a.m.5 views

CVE-2025-31041

Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.0.4...

7.5CVSS7.2AI score0.00503EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/11 8:42 a.m.3 views

CVE-2025-31041 WordPress AnyTrack Affiliate Link Manager <= 1.0.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in NotFound AnyTrack Affiliate Link Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AnyTrack Affiliate Link Manager: from n/a through 1.0.4...

7.5CVSS6.9AI score0.00503EPSS
Exploits0References1
CVE
CVE
added 2025/04/11 8:42 a.m.45 views

CVE-2025-31041

CVE-2025-31041 : The WordPress plugin AnyTrack Affiliate Link Manager is affected up to version 1.0.4 and suffers a Missing Authorization vulnerability. Public data shows a CVSSv3.1 base score of 7.5 (HIGH) with network attack vector, low attack complexity, no privileges required, and no confiden...

7.5CVSS7.2AI score0.00503EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/11 8:42 a.m.13 views

CVE-2025-31041 WordPress AnyTrack Affiliate Link Manager plugin <= 1.0.4 - Broken Access Control Vulnerability

Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyTrack Affiliate Link Manager: from n/a through = 1.0.4...

7.5CVSS0.00503EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/09 5:45 p.m.6 views

WordPress AnyTrack Affiliate Link Manager plugin <= 1.0.4 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by timomangcut in WordPress Plugin AnyTrack Affiliate Link Manager versions = 1.0.4...

7.5CVSS8.3AI score0.00503EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2022/04/27 12:0 a.m.17 views

WordPress plugin ThirstyAffiliates Affiliate Link Manager licensing issue vulnerability (CNVD-2023-06534)

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin ThirstyAffiliates Affiliate Link Manager 3.10.5 previously had a security...

4.3CVSS3.3AI score0.00335EPSS
Exploits2References1
CVE
CVE
added 2022/04/25 3:50 p.m.77 views

CVE-2022-0398

CVE-2022-0398 affects the WordPress plugin ThirstyAffiliates Affiliate Link Manager (versions

5.4CVSS5.4AI score0.00303EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/04/25 12:0 a.m.3 views

WordPress plugin ThirstyAffiliates 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin ThirstyAffiliates Affiliate Link Manager 3.10.5 previously had a security...

4.3CVSS5.6AI score0.00335EPSS
Exploits2References3
Patchstack
Patchstack
added 2022/03/31 12:0 a.m.26 views

WordPress ThirstyAffiliates Affiliate Link Manager plugin <= 3.10.4 - Unauthorized Image Upload + CSRF vulnerabilities

Unauthorized Image Upload + CSRF vulnerabilities discovered by Muhamad Hidayat in WordPress ThirstyAffiliates Affiliate Link Manager plugin versions = 3.10.4. Solution Update the WordPress ThirstyAffiliates Affiliate Link Manager plugin to the latest available version at least 3.10.5...

4.3CVSS3.4AI score0.00335EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2022/03/31 12:0 a.m.19 views

ThirstyAffiliates Affiliate Link Manager < 3.10.5 - Subscriber+ Arbitrary Affiliate Links Creation

The plugin does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to redirect users to an arbitrary website PoC fetch"/wp-admin/admin-ajax.php", "headers"...

5.4CVSS2.9AI score0.00303EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2022/03/31 12:0 a.m.29 views

WordPress ThirstyAffiliates Affiliate Link Manager plugin <= 3.10.4 - Arbitrary Affiliate Links Creation vulnerability

Arbitrary Affiliate Links Creation vulnerability discovered by Krzysztof Zając in WordPress ThirstyAffiliates Affiliate Link Manager plugin versions = 3.10.4. Solution Update the WordPress ThirstyAffiliates Affiliate Link Manager plugin to the latest available version at least 3.10.5...

5.4CVSS3.7AI score0.00303EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2021/03/18 2:57 p.m.55 views

CVE-2021-24127

The CVE-2021-24127 entry affects the WordPress plugin ThirstyAffiliates Affiliate Link Manager, versions before 3.9.3. The issue is an authenticated Stored Cross-Site Scripting (XSS) caused by unvalidated input and lack of output encoding in the plugin, with potential privilege escalation as desc...

5.4CVSS5.2AI score0.00653EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder