16 matches found
CVE-2026-49068 WordPress Coupon Affiliates plugin <= 7.8.1 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in Coupon Affiliates = 7.8.1 versions...
CVE-2026-49068
The CVE concerns the WordPress Coupon Affiliates plugin (versions
WordPress Coupon Affiliates – Affiliate Plugin for WooCommerce plugin <= 5.17.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Coupon Affiliates versions = 5.17.2...
CVE-2025-59567 WordPress Coupon Affiliates Plugin <= 6.8.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through = 6.8.0...
CVE-2025-59567
CVE-2025-59567 is a real Missing Authorization issue identified in the Coupon Affiliates – Affiliate Plugin for WooCommerce. The connected Wordfence vulnerability listing confirms the flaw exists in Coupon Affiliates up to version 6.8.0 and rates it as a Medium impact (CVSS v3.1: 5.5; network att...
CVE-2025-59567 WordPress Coupon Affiliates Plugin <= 6.8.0 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.8.0...
CVE-2025-54025 WordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change Vulnerability
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coupon Affiliates: from n/a through = 6.4.0...
CVE-2025-54025 WordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change Vulnerability
Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.4.0...
CVE-2025-54022 WordPress Coupon Affiliates plugin <= 6.4.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates woo-coupon-usage allows Cross Site Request Forgery.This issue affects Coupon Affiliates: from n/a through = 6.4.0...
CVE-2025-54022
CVE-2025-54022 is a CSRF vulnerability in the WordPress plugin Coupon Affiliates (Elliot Sowersby) affecting versions through 6.4.0. Public sources indicate the issue has been patched in newer releases; the vulnerability could allow an authenticated actor to perform actions on behalf of a logged-...
WordPress Coupon Affiliates Plugin <= 5.12.7 is vulnerable to Cross Site Scripting (XSS)
Software Coupon Affiliates Type Plugin Vulnerable versions = 5.12.7 Fixed in 5.12.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29125 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID 81253acd1aca Credits stealthcopter Required privilege...
WordPress Coupon Affiliates Plugin < 5.6.0 is vulnerable to Cross Site Scripting (XSS)
Software Coupon Affiliates Type Plugin Vulnerable versions 5.6.0 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID de39047c211f Credits Rafie Muhammad Patchstack Required...
WordPress Plugin Coupon Affiliates-WooCommerce Affiliate 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Coupon Affiliates Plugin <= 5.4.5 is vulnerable to Cross Site Scripting (XSS)
Software Coupon Affiliates Type Plugin Vulnerable versions = 5.4.5 Fixed in 5.4.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30475 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID c2b6ffabba83 Credits Ivy TOOR, LISA Required...
WordPress Coupon Affiliates Plugin <= 5.4.3 is vulnerable to Cross Site Scripting (XSS)
Software Coupon Affiliates Type Plugin Vulnerable versions = 5.4.3 Fixed in 5.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28992 Patch priority Medium CVSS severity Medium 7.1 Developer RelyWP PSID 3cc060340a7c Credits thiennv Required privile...
WordPress Coupon Affiliates plugin <= 4.11.0.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress Coupon Affiliates plugin versions = 4.11.0.1. Solution Update the WordPress Coupon Affiliates plugin to the latest available version at least 4.11.0.2...