56 matches found
CVE-2026-25024
Cross-Site Request Forgery CSRF vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through = 3.11.9...
CVE-2026-25024
Cross-Site Request Forgery CSRF vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through = 3.11.9...
CVE-2026-25024
CVE-2026-25024 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin ThirstyAffiliates (thirstyaffiliates) by Blair Williams, affecting versions up to and including 3.11.9. The Red Hat, NVD, CVE List, and related sources consistently state the issue is CSRF and affec...
CVE-2026-25024 WordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through = 3.11.9...
EUVD-2026-5308
Cross-Site Request Forgery CSRF vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through = 3.11.9...
CVE-2026-25024 WordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through = 3.11.9...
CVE-2026-25024
Cross-Site Request Forgery CSRF vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through = 3.11.9...
PT-2026-6255
Name of the Vulnerable Software and Affected Versions ThirstyAffiliates versions through 3.11.9 Description A Cross-Site Request Forgery CSRF issue exists in ThirstyAffiliates. This allows attackers to perform actions on behalf of authenticated users without their knowledge. The issue allows Cros...
WordPress plugin ThirstyAffiliates 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ThirstyAffiliates versions = 3.11.9...
CVE-2022-0634
The ThirstyAffiliates WordPress plugin before 3.10.5 lacks authorization checks in the tainsertexternalimage action, allowing a low-privilege user with a role as low as Subscriber to add an image from an external URL to an affiliate link. Further the plugin lacks csrf checks, allowing an attacker...
CVE-2022-0398
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to redirect users to an...
WordPress ThirstyAffiliates plugin <= 3.11.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin ThirstyAffiliates versions = 3.11.8...
CVE-2025-67537
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Stored XSS.This issue affects ThirstyAffiliates: from n/a through = 3.11.8...
EUVD-2025-202107
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Stored XSS.This issue affects ThirstyAffiliates: from n/a through = 3.11.8...
CVE-2025-67537
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Stored XSS.This issue affects ThirstyAffiliates: from n/a through = 3.11.8...
CVE-2025-67537 WordPress ThirstyAffiliates plugin <= 3.11.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Stored XSS.This issue affects ThirstyAffiliates: from n/a through = 3.11.8...
CVE-2025-67537
CVE-2025-67537 is a stored cross-site scripting vulnerability in the WordPress plugin “ThirstyAffiliates”. The issue is described as improper input neutralization during web page generation, enabling Stored XSS in ThirstyAffiliates versions from n/a through 3.11.8. The vulnerability affects the p...
CVE-2025-67537 WordPress ThirstyAffiliates plugin <= 3.11.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Stored XSS.This issue affects ThirstyAffiliates: from n/a through = 3.11.8...
WordPress plugin ThirstyAffiliates 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...