WordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin LWS Affiliation versions = 2.3.6...

CVE-2025-57934 WordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Aurélien LWS LWS Affiliation lws-affiliation allows Cross Site Request Forgery.This issue affects LWS Affiliation: from n/a through = 2.3.6...

CVE-2025-57934 WordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Aurélien LWS LWS Affiliation lws-affiliation allows Cross Site Request Forgery.This issue affects LWS Affiliation: from n/a through = 2.3.6...

WordPress LWS Affiliation Plugin <= 2.3.4 is vulnerable to Broken Access Control

Software LWS Affiliation Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.3.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43962 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID a2763521797a Credits Fariq Fadillah Gusti Insani...

WordPress LWS Affiliation Plugin <= 2.2.6 is vulnerable to Local File Inclusion

Software LWS Affiliation Type Plugin Vulnerable versions = 2.2.6 Fixed in 2.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-32297 Patch priority High CVSS severity High 9 Developer Claim ownership PSID f62752ba5867 Credits Jonas Höbenreich Required privilege...