Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.11 views

CVE-2025-14361

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

7.1CVSS5.4AI score0.00248EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 9:16 p.m.20 views

CVE-2025-14361

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

7.1CVSS0.00248EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:58 p.m.9 views

CVE-2025-14361

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

7.1CVSS5.8AI score0.00248EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 8:58 p.m.11 views

EUVD-2025-209937

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

7.1CVSS5.8AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 8:58 p.m.36 views

CVE-2025-14361 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerability

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

7.1CVSS0.00248EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 8:58 p.m.9 views

CVE-2025-14361 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerability

Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1...

7.1CVSS5.8AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 8:58 p.m.21 views

CVE-2025-14361

CVE-2025-14361 affects the WordPress plugin AA-Team Woocommerce Envato Affiliates (

7.1CVSS5.8AI score0.00248EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/26 5:45 a.m.11 views

WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerability

Settings Change vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Woocommerce Envato Affiliates versions = 1.2.1...

7.1CVSS5.8AI score0.00248EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.12 views

PT-2026-43413

Name of the Vulnerable Software and Affected Versions Woocommerce Envato Affiliates versions prior to 1.2.2 Description A missing authorization issue allows access to functionality that is not properly constrained by Access Control Lists ACLs, which are sets of rules that define which users or...

7.1CVSS5.8AI score0.00248EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

WordPress plugin Woocommerce Envato Affiliates 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

7.1CVSS5.8AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 3:31 p.m.3 views

EUVD-2025-35467

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team Woocommerce Envato Affiliates wooenvato allows Reflected XSS.This issue affects Woocommerce Envato Affiliates: from n/a through = 1.2.1...

5.9AI score0.00214EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 3:15 p.m.4 views

CVE-2025-53297

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team Woocommerce Envato Affiliates wooenvato allows Reflected XSS.This issue affects Woocommerce Envato Affiliates: from n/a through = 1.2.1...

7.1CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.10 views

CVE-2025-53297

The CVE-2025-53297 entry concerns the AA-Team Woocommerce Envato Affiliates plugin (wooenvato) for WordPress, affected up to version 1.2.1. Technical details across Red Hat, NVD, CVE lists, and third-party advisories identify a Reflected Cross‑Site Scripting (XSS) vulnerability caused by improper...

7.1CVSS6AI score0.00214EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.2 views

CVE-2025-53297 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team Woocommerce Envato Affiliates wooenvato allows Reflected XSS.This issue affects Woocommerce Envato Affiliates: from n/a through = 1.2.1...

7.1CVSS6AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.8 views

CVE-2025-53297 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team Woocommerce Envato Affiliates wooenvato allows Reflected XSS.This issue affects Woocommerce Envato Affiliates: from n/a through = 1.2.1...

7.1CVSS0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.5 views

PT-2025-43255

Name of the Vulnerable Software and Affected Versions AA-Team Woocommerce Envato Affiliates versions through 1.2.1 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-Site Scripting XSS condition...

7.1CVSS6.2AI score0.00214EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.3 views

WordPress plugin Woocommerce Envato Affiliates 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...

7.1CVSS6AI score0.00214EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/11 7:15 p.m.5 views

WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Woocommerce Envato Affiliates versions = 1.2.1...

7.1CVSS6.1AI score0.00214EPSS
Exploits0Affected Software1
Rows per page
Query Builder