27 matches found
EUVD-2024-54084
Malicious code in bioql PyPI...
EUVD-2022-15868
Malicious code in bioql PyPI...
EUVD-2024-50781
Malicious code in bioql PyPI...
EUVD-2023-32610
Malicious code in bioql PyPI...
CVE-2023-28992
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
CVE-2023-30475
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin = 5.4.5 versions...
CVE-2022-0818
The WooCommerce Affiliate Plugin WordPress plugin before 4.16.4.5 does not have authorization and CSRF checks on a specific action handler, as well as does not sanitize its settings, which enables an unauthenticated attacker to inject malicious XSS payloads into the settings page of the plugin...
CVE-2024-12336
The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'exportalldata' function in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers, with...
CVE-2024-12336 WC Affiliate – A Complete WooCommerce Affiliate Plugin <= 2.5.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via wf-export-all
The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'exportalldata' function in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers, with...
CVE-2024-12336
CVE-2024-12336 affects WC Affiliate – A Complete WooCommerce Affiliate Plugin for WordPress up to version 2.5.3, where a missing capability check in export_all_data allows authenticated users with Subscriber+ privileges to read sensitive affiliate data (PII). The vulnerability is confirmed by mul...
CVE-2024-12334 WC Affiliate – A Complete WooCommerce Affiliate Plugin <= 2.4 - Reflected Cross-Site Scripting
The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via any parameter in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2024-12334 WC Affiliate – A Complete WooCommerce Affiliate Plugin <= 2.4 - Reflected Cross-Site Scripting
The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via any parameter in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2024-12334
CVE-2024-12334 concerns the WC Affiliate – A Complete WooCommerce Affiliate Plugin for WordPress. Affected versions: all up to and including 2.4. Root cause: insufficient input sanitization and output escaping, enabling Reflected Cross-Site Scripting via any parameter. Impact: unauthenticated att...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin = 5.4.5 versions...
CVE-2023-30475
CVE-2023-30475 : Unauthenticated reflected XSS in the WordPress plugin “Coupon Affiliates – WooCommerce Affiliate Plugin” (Coupon Affiliates) up to version 5.4.5. Public sources identify the vulnerability as a reflected cross-site scripting issue triggered via the page parameter, with the exploit...
WordPress plugin WooCommerce Affiliate Plugin - Coupon Affiliates Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2023-28992
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
CVE-2023-28992 WordPress Coupon Affiliates Plugin <= 5.4.3 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
CVE-2023-28992
CVE-2023-28992 is an unauthenticated reflected XSS in the Coupon Affiliates – WooCommerce Affiliate Plugin (RelyWP) up to version 5.4.3. Root cause: untrusted input echoed back without proper sanitization. Impact described as Cross-Site Scripting with potential script execution in affected pages....