4 matches found
CVE-2025-53297
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team Woocommerce Envato Affiliates wooenvato allows Reflected XSS.This issue affects Woocommerce Envato Affiliates: from n/a through = 1.2.1...
WordPress YITH WooCommerce Affiliates Plugin <= 3.8.0 is vulnerable to Backdoor
Software YITH WooCommerce Affiliates Type Plugin Vulnerable versions = 3.8.0 Fixed in 3.8.1 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer YITH PSID 6b928027e13c Credits Sansec.io Required privilege Unauthenticated Published 3 July,...
CVE-2023-28992
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin = 5.4.3 versions...
WordPress YITH WooCommerce Affiliates plugin <=1.6.2 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability
Authenticated Settings Change YITH Plugin Framework =3.3.8 vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Affiliates plugin versions =1.6.2. Solution Update the WordPress YITH WooCommerce Affiliates plugin to the latest available version at least 1.6.3...