CVE-2025-47660

Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate wc-affiliate allows Object Injection.This issue affects WC Affiliate: from n/a through = 2.16...

CVE-2025-47660

Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate wc-affiliate allows Object Injection.This issue affects WC Affiliate: from n/a through = 2.16...

CVE-2025-47660 WordPress WC Affiliate plugin <= 2.16 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate wc-affiliate allows Object Injection.This issue affects WC Affiliate: from n/a through = 2.16...

CVE-2025-47660 WordPress WC Affiliate plugin <= 2.16 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate wc-affiliate allows Object Injection.This issue affects WC Affiliate: from n/a through = 2.16...

CVE-2025-47660

CVE-2025-47660 is a deserialization of untrusted data vulnerability (PHP Object Injection) in the WordPress plugin WC Affiliate by Codexpert. Affected versions are listed as from n/a through 2.9.1, with related sources noting a broader reference set including WC Affiliate

PT-2025-22772 · Unknown · Wc Affiliate

Name of the Vulnerable Software and Affected Versions: WC Affiliate versions n/a through 2.9.1 Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. This is a problem where an application deserializes data from an untrusted source, potentially...

CVE-2024-12336

The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'exportalldata' function in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers, with...

WordPress plugin WC Affiliate – A Complete WooCommerce Affiliate Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WC Affilia...

WordPress WC Affiliate plugin < 2.4 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin WC Affiliate versions 2.4...

CVE-2024-12321

The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-12321

The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-12321

CVE-2024-12321 : The WC Affiliate WordPress plugin (versions up to 2.3.9) does not sanitize/escape a user-controlled parameter before echoing it in a page, enabling a reflected Cross-Site Scripting vulnerability. Impact is described as potentially actionable against high-privilege users such as a...

CVE-2024-12321 WC Affiliate <= 2.3.9 - Reflected XSS

The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-12321 WC Affiliate <= 2.3.9 - Reflected XSS

The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

PT-2025-1814 · WordPress · Wc Affiliate

Name of the Vulnerable Software and Affected Versions: WC Affiliate WordPress plugin versions 2.3.9 and earlier Description: The issue arises from the plugin not sanitizing and escaping a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. This could be...

WordPress plugin WC Affiliate 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin WC Affiliate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...