44 matches found
CVE-2023-30475
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin = 5.4.5 versions...
WordPress Coupon Affiliates plugin <= 6.3.0 - Reflected Cross-Site Scripting via 'commission_summary' Parameter vulnerability
Reflected Cross-Site Scripting via 'commissionsummary' Parameter vulnerability discovered by wesley wcraft in WordPress Plugin Coupon Affiliates versions = 6.3.0...
CVE-2025-39554
Missing Authorization vulnerability in Elliot Sowersby / RelyWP AI Text to Speech ai-text-to-speech allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Text to Speech: from n/a through = 3.0.3...
CVE-2025-39554
CVE-2025-39554 is a Missing Authorization / broken access control vulnerability in the WordPress AI Text to Speech plugin (versions ≤ 3.0.3). Attack context per available data indicates unprivileged, network-scoped access could be abused due to incorrectly configured access control levels, enabli...
WordPress AI Text to Speech plugin <= 3.0.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin AI Text to Speech versions = 3.0.3...
PT-2025-17180 · Unknown · Relywp Ai Text To Speech
Name of the Vulnerable Software and Affected Versions: RelyWP AI Text to Speech versions 3.0.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For RelyWP AI Text...
CVE-2024-29125
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage.This issue affects Coupon Affiliates: from n/a through = 5.12.7...
CVE-2024-29125
CVE-2024-29125 is a Reflected XSS in the WooCommerce Coupon Affiliates plugin (Coupon Affiliates) for WordPress. Affected: Coupon Affiliates up to version 5.12.7. Root cause: Improper neutralization of input during web page generation. Impact: Reflected cross-site scripting possible in pages usin...
PT-2024-22746 · Unknown · Relywp Coupon Affiliates
Name of the Vulnerable Software and Affected Versions: RelyWP Coupon Affiliates versions through 5.12.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions throu...
WordPress Coupon Affiliates Plugin <= 5.12.7 is vulnerable to Cross Site Scripting (XSS)
Software Coupon Affiliates Type Plugin Vulnerable versions = 5.12.7 Fixed in 5.12.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29125 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID 81253acd1aca Credits stealthcopter Required privilege...
VulnCheck KEV: CVE-2024-29125
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage.This issue affects Coupon Affiliates: from n/a through = 5.12.7...
CVE-2023-30475
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin = 5.4.5 versions...
CVE-2023-30475
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin = 5.4.5 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin = 5.4.5 versions...
CVE-2023-30475
CVE-2023-30475 : Unauthenticated reflected XSS in the WordPress plugin “Coupon Affiliates – WooCommerce Affiliate Plugin” (Coupon Affiliates) up to version 5.4.5. Public sources identify the vulnerability as a reflected cross-site scripting issue triggered via the page parameter, with the exploit...
WordPress Coupon Affiliates Plugin < 5.6.0 is vulnerable to Cross Site Scripting (XSS)
Software Coupon Affiliates Type Plugin Vulnerable versions 5.6.0 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID de39047c211f Credits Rafie Muhammad Patchstack Required...
CVE-2023-28992
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
CVE-2023-28992 WordPress Coupon Affiliates Plugin <= 5.4.3 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
CVE-2023-28992
CVE-2023-28992 is an unauthenticated reflected XSS in the Coupon Affiliates – WooCommerce Affiliate Plugin (RelyWP) up to version 5.4.3. Root cause: untrusted input echoed back without proper sanitization. Impact described as Cross-Site Scripting with potential script execution in affected pages....