CVE-2025-14361 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerability

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

EUVD-2024-49366

Malicious code in bioql PyPI...

CVE-2025-59567 WordPress Coupon Affiliates Plugin <= 6.8.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.8.0...

WordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change Vulnerability

Settings Change Vulnerability discovered by Denver Jackson in WordPress Plugin Coupon Affiliates versions = 6.4.0...

WordPress Coupon Affiliates plugin <= 7.2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ryan Novotny in WordPress Plugin Coupon Affiliates versions = 7.2.0...

CVE-2024-8714

The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.20. This makes it possible for unauthenticated attackers to...

CVE-2023-27622

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abel Ruiz GuruWalk Affiliates plugin = 1.0.0 versions...

CVE-2025-3598 Coupon Affiliates – Affiliate Plugin for WooCommerce <= 6.3.0 - Reflected Cross-Site Scripting via 'commission_summary' Parameter

The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the commissionsummary parameter in all versions up to, and including, .6.3.0 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress plugin Coupon Affiliates – Affiliate Plugin for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2024-12454

The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.23. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject...

CVE-2024-12421 Coupon Affiliates – Affiliate Plugin for WooCommerce <= 5.16.7.1 - Unauthenticated Arbitrary Shortcode Execution and Reflected Cross-Site Scripting

The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.16.7.1. This is due to the software allowing users to execute an action that does not properly validate a value before running...

WordPress WordPress Affiliates Plugin — SliceWP Affiliates plugin <= 1.1.20 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin SliceWP versions = 1.1.20...

CVE-2024-8714

The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.20. This makes it possible for unauthenticated attackers to...

CVE-2024-8714 WordPress Affiliates Plugin — SliceWP Affiliates <= 1.1.20 - Reflected Cross-Site Scripting

The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.20. This makes it possible for unauthenticated attackers to...

CVE-2024-8714

CVE-2024-8714 (SliceWP Affiliates, WordPress) is a Reflected Cross-Site Scripting vulnerability in the SliceWP Affiliates plugin for WordPress, caused by improper escaping of URLs via remove_query_arg. Affected versions are

CVE-2024-8714 WordPress Affiliates Plugin — SliceWP Affiliates <= 1.1.20 - Reflected Cross-Site Scripting

The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.20. This makes it possible for unauthenticated attackers to...

WordPress SliceWP Affiliates plugin <=1.1.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin SliceWP versions = 1.1.10...

WordPress Plugin Coupon Affiliates Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

CVE-2023-27622

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abel Ruiz GuruWalk Affiliates plugin = 1.0.0 versions...

CVE-2023-27622

CVE-2023-27622 is a stored XSS vulnerability in the WordPress plugin GuruWalk Affiliates (Abel Ruiz) affecting versions