Lucene search
K
FlowdeeClickwhale

5 matches found

CVE
CVE
added 2025/01/29 3:21 a.m.76 views

CVE-2025-0804

CVE-2025-0804 affects the WordPress plugin “ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages” (versions up to 2.4.1). The vulnerability is a Stored Cross-Site Scripting (XSS) via link titles caused by insufficient input sanitization and output escaping....

6.4CVSS5.7AI score0.00245EPSS
CVE
CVE
added 2025/02/25 2:17 p.m.63 views

CVE-2025-26963

CVE-2025-26963 is a CSRF vulnerability in the WordPress ClickWhale plugin (versions up to and including 2.4.3) that affects the plugin’s settings changes. The CVE entries and Red Hat/NVD/ CVE lists confirm it’s a CSRF to settings change issue affecting ClickWhale and indicate a published fix (Pat...

8.8CVSS7.2AI score0.00163EPSS
CVE
CVE
added 2025/01/07 10:49 a.m.56 views

CVE-2024-51715

CVE-2024-51715 is a SQL injection vulnerability in ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages (ClickWhale plugin for WordPress). Connected sources confirm an authenticated (Contributor+) SQL Injection impact, affecting versions up to 2.4.1 (no n/a...

8.5CVSS7.3AI score0.00376EPSS
CVE
CVE
added 2025/05/07 2:20 p.m.55 views

CVE-2025-47612

CVE-2025-47612 (ClickWhale) is a Missing Authorization vulnerability in the flowdee ClickWhale WordPress plugin (affected: 2.4.6 and earlier). The issue arises from incorrectly configured access control, enabling unauthorized access due to insufficient authorization checks. NVD/vectors indicate a...

8.8CVSS7.2AI score0.00305EPSS
CVE
CVE
added 2025/01/11 2:20 a.m.28 views

CVE-2024-11327

The Connected PATCHSTACK entry confirms CVE-2024-11327 affects the WordPress plugin ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages, with a Reflected Cross-Site Scripting vulnerability caused by insufficient escaping of add_query_arg and remove_query_a...

6.1CVSS6.1AI score0.0034EPSS