Wp Affiliate Platform@6.3.9 Security Vulnerabilities and Issues — Wp Affiliate Platform@6.3.9 CVE List

Lucene search

Tipsandtricks-hqWp Affiliate Platform6.3.9

3 matches found

CVE•added 2022/11/29 9:15 p.m.•54 views

CVE-2022-3898

The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9. This is due to missing or incorrect nonce validation on various functions including the affiliates_menu method. This makes it possible for unauthenticated attackers to...

8.8CVSS6.1AI score0.0011EPSS

CVE•added 2022/11/29 9:15 p.m.•43 views

CVE-2022-3896

The WP Affiliate Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER["REQUEST_URI"] in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6AI score0.00886EPSS

CVE•added 2022/11/29 9:15 p.m.•39 views

CVE-2022-3897

The WP Affiliate Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permiss...

5.5CVSS4.7AI score0.00138EPSS