Affiliates Manager < 2.9.0 - Cross Site Scripting

The plugin does not validate, sanitise and escape the IP address of requests logged by the click tracking feature, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admin viewing the tracked requests. id: CVE-2021-25078 info: name: Affiliates Manager 2.9.0 - Cross...

WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting

WordPress 2kb Amazon Affiliates Store plugin before 2.1.1 contains multiple cross-site scripting vulnerabilities. The plugin allows an attacker to inject arbitrary web script or HTML via the 1 page parameter or 2 kbAction parameter in the kbAmz page to wp-admin/admin.php, thus making possible the...

CVE-2026-57654

Affiliate Broken Access Control in Affiliates Manager = 2.9.49 versions...

CVE-2026-57654

CVE-2026-57654 affects the WordPress Affiliates Manager plugin ≤ 2.9.49, described as a Broken Access Control vulnerability. The connected documents consistently label the issue as “Affiliate Broken Access Control in Affiliates Manager

WordPress Affiliates Manager plugin <= 2.9.49 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Affiliates Manager versions = 2.9.49...

EUVD-2026-36979

Unauthenticated Cross Site Scripting XSS in Coupon Affiliates = 7.5.3 versions...

CVE-2026-52692

Unauthenticated Sensitive Data Exposure in Affiliates Manager = 2.9.50 versions...

CVE-2026-49068

Subscriber Sensitive Data Exposure in Coupon Affiliates = 7.8.1 versions...

CVE-2026-40770

Unauthenticated Cross Site Scripting XSS in Coupon Affiliates = 7.5.3 versions...

CVE-2026-52692 WordPress Affiliates Manager plugin <= 2.9.50 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Affiliates Manager = 2.9.50 versions...

CVE-2026-52692 WordPress Affiliates Manager plugin <= 2.9.50 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Affiliates Manager = 2.9.50 versions...

CVE-2026-52692

Affected software: WordPress Affiliates Manager plugin (WordPress)

EUVD-2026-36899

Unauthenticated Sensitive Data Exposure in Affiliates Manager = 2.9.50 versions...

CVE-2026-49068 WordPress Coupon Affiliates plugin <= 7.8.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Coupon Affiliates = 7.8.1 versions...

CVE-2026-49068 WordPress Coupon Affiliates plugin <= 7.8.1 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Coupon Affiliates = 7.8.1 versions...

EUVD-2026-36875

Subscriber Sensitive Data Exposure in Coupon Affiliates = 7.8.1 versions...

CVE-2026-49068

The CVE concerns the WordPress Coupon Affiliates plugin (versions

CVE-2026-40770 WordPress Coupon Affiliates plugin <= 7.5.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Coupon Affiliates = 7.5.3 versions...

CVE-2026-40770

CVE-2026-40770 concerns the WordPress plugin Coupon Affiliates (versions

PT-2026-49414

Unauthenticated Cross Site Scripting XSS in Coupon Affiliates = 7.5.3 versions...