Lucene search
K

4 matches found

NVD
NVD
added 11 hours ago5 views

CVE-2026-15296

The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkpproduct' shortcode in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

6.4CVSS
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-42803

The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkpproduct' shortcode in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

6.4CVSS6.1AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 8:18 a.m.5 views

CVE-2024-10227

The affiliate-toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atkpproduct shortcode in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

6.4CVSS5AI score0.00333EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/29 5:11 a.m.3 views

WordPress affiliate-toolkit plugin <= 3.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via atkp_product Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via atkpproduct Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin affiliate-toolkit versions = 3.6.5...

6.4CVSS5.8AI score0.00333EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder