3 matches found
CVE-2022-3896
The WP Affiliate Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $SERVER"REQUESTURI" in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2022-3896
The WP Affiliate Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $SERVER"REQUESTURI" in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2022-3896
The CVE-2022-3896 entry concerns the WP Affiliate Platform plugin for WordPress. A Reflected Cross-Site Scripting vulnerability exists via the $_SERVER["REQUEST_URI"] parameter in versions up to and including 6.3.9, caused by insufficient input sanitization and output escaping. This allows unauth...