Lucene search
K

23 matches found

CVE
CVE
added 2026/06/15 8:19 p.m.15 views

CVE-2026-49068

The CVE concerns the WordPress Coupon Affiliates plugin (versions

7.5CVSS5.2AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.30 views

CVE-2026-49068 WordPress Coupon Affiliates plugin <= 7.8.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Coupon Affiliates = 7.8.1 versions...

7.5CVSS0.00386EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/01 9:32 a.m.5 views

WordPress Coupon Affiliates – Affiliate Plugin for WooCommerce plugin <= 5.17.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Coupon Affiliates versions = 5.17.2...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/22 6:26 p.m.3 views

CVE-2025-59567 WordPress Coupon Affiliates Plugin <= 6.8.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.8.0...

5.5CVSS6.6AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 6:26 p.m.15 views

CVE-2025-59567

CVE-2025-59567 is a real Missing Authorization issue identified in the Coupon Affiliates – Affiliate Plugin for WooCommerce. The connected Wordfence vulnerability listing confirms the flaw exists in Coupon Affiliates up to version 6.8.0 and rates it as a Medium impact (CVSS v3.1: 5.5; network att...

5.5CVSS5.9AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/22 6:26 p.m.17 views

CVE-2025-59567 WordPress Coupon Affiliates Plugin <= 6.8.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through = 6.8.0...

5.5CVSS0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/11 7:24 a.m.23 views

CVE-2025-8692 Coupon API <= 6.2.12 - Authenticated (Administrator+) SQL Injection via 'log_duration'

The Coupon API plugin for WordPress is vulnerable to SQL Injection via the ‘logduration’ parameter in all versions up to, and including, 6.2.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

4.9CVSS0.0038EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/09/11 2:31 a.m.11 views

WordPress Coupon API plugin <= 6.2.12 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Coupon API versions = 6.2.12...

4.9CVSS7.8AI score0.0038EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.10 views

CVE-2025-54025 WordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change Vulnerability

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through = 6.4.0...

6.5CVSS0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.4 views

CVE-2025-54025 WordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change Vulnerability

Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.4.0...

6.5CVSS7.1AI score0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/16 10:36 a.m.11 views

CVE-2025-54022 WordPress Coupon Affiliates plugin <= 6.4.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Cross Site Request Forgery.This issue affects Coupon Affiliates: from n/a through = 6.4.0...

6.5CVSS0.00152EPSS
Exploits0References1
CVE
CVE
added 2025/07/16 10:36 a.m.17 views

CVE-2025-54022

CVE-2025-54022 is a CSRF vulnerability in the WordPress plugin Coupon Affiliates (Elliot Sowersby) affecting versions through 6.4.0. Public sources indicate the issue has been patched in newer releases; the vulnerability could allow an authenticated actor to perform actions on behalf of a logged-...

6.5CVSS5.9AI score0.00152EPSS
Exploits0References1
CVE
CVE
added 2024/12/31 10:16 a.m.49 views

CVE-2024-56235

CVE-2024-56235 affects the WordPress Coupon plugin. The vulnerability is a DOM-Based XSS caused by improper input neutralization during page generation, impacting Coupon versions up to 1.2.1 (per NVD/Red Hat) and up to 1.2.2 (per Patchstack). Affected component: Coupon plugin for WordPress. Impac...

6.5CVSS7.2AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/31 10:16 a.m.6 views

CVE-2024-56235 WordPress Coupon plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coupon Plugin Coupon allows DOM-Based XSS.This issue affects Coupon: from n/a through 1.2.1...

6.5CVSS6.9AI score0.00226EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/19 4:21 p.m.5 views

WordPress Coupon plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Coupon versions = 1.2.2...

6.5CVSS6.1AI score0.00226EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/03/16 12:0 a.m.19 views

WordPress Coupon Affiliates Plugin <= 5.12.7 is vulnerable to Cross Site Scripting (XSS)

Software Coupon Affiliates Type Plugin Vulnerable versions = 5.12.7 Fixed in 5.12.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29125 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID 81253acd1aca Credits stealthcopter Required privilege...

7.1CVSS6.5AI score0.00402EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.8 views

WordPress WP Coupons and Deals – WordPress Coupon Plugin Plugin < 3.1.19 is vulnerable to Cross Site Scripting (XSS)

Software WP Coupons and Deals – WordPress Coupon Plugin Type Plugin Vulnerable versions 3.1.19 Fixed in 3.1.19 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f1b62167704e Credits...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Coupon Affiliates Plugin < 5.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Coupon Affiliates Type Plugin Vulnerable versions 5.6.0 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID de39047c211f Credits Rafie Muhammad Patchstack Required...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/06/26 12:0 a.m.4 views

WordPress Plugin Coupon Affiliates-WooCommerce Affiliate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.9AI score0.00382EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/04/13 12:0 a.m.9 views

WordPress Coupon Affiliates Plugin <= 5.4.5 is vulnerable to Cross Site Scripting (XSS)

Software Coupon Affiliates Type Plugin Vulnerable versions = 5.4.5 Fixed in 5.4.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30475 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID c2b6ffabba83 Credits Ivy TOOR, LISA Required...

7.1CVSS5.7AI score0.00379EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder