14 matches found
CVE-2026-49068 WordPress Coupon Affiliates plugin <= 7.8.1 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in Coupon Affiliates = 7.8.1 versions...
WordPress Coupon Affiliates plugin <= 7.8.1 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Stefano in WordPress Plugin Coupon Affiliates versions = 7.8.1...
CVE-2025-59567 WordPress Coupon Affiliates Plugin <= 6.8.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.8.0...
WordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change Vulnerability
Settings Change Vulnerability discovered by Denver Jackson in WordPress Plugin Coupon Affiliates versions = 6.4.0...
WordPress Coupon Affiliates plugin <= 7.2.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Ryan Novotny in WordPress Plugin Coupon Affiliates versions = 7.2.0...
CVE-2025-3598 Coupon Affiliates – Affiliate Plugin for WooCommerce <= 6.3.0 - Reflected Cross-Site Scripting via 'commission_summary' Parameter
The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the commissionsummary parameter in all versions up to, and including, .6.3.0 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress plugin Coupon Affiliates – Affiliate Plugin for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2024-12421 Coupon Affiliates – Affiliate Plugin for WooCommerce <= 5.16.7.1 - Unauthenticated Arbitrary Shortcode Execution and Reflected Cross-Site Scripting
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.16.7.1. This is due to the software allowing users to execute an action that does not properly validate a value before running...
WordPress Plugin Coupon Affiliates Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin = 5.4.5 versions...
CVE-2023-30475
CVE-2023-30475 : Unauthenticated reflected XSS in the WordPress plugin “Coupon Affiliates – WooCommerce Affiliate Plugin” (Coupon Affiliates) up to version 5.4.5. Public sources identify the vulnerability as a reflected cross-site scripting issue triggered via the page parameter, with the exploit...
WordPress Coupon Affiliates Plugin < 5.6.0 is vulnerable to Cross Site Scripting (XSS)
Software Coupon Affiliates Type Plugin Vulnerable versions 5.6.0 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID de39047c211f Credits Rafie Muhammad Patchstack Required...
CVE-2023-28992 WordPress Coupon Affiliates Plugin <= 5.4.3 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
WordPress Coupon Affiliates Plugin <= 5.4.3 is vulnerable to Cross Site Scripting (XSS)
Software Coupon Affiliates Type Plugin Vulnerable versions = 5.4.3 Fixed in 5.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28992 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID 3cc060340a7c Credits thiennv Required privile...