Vulnerabilities (CVE)

Filtered by vendor Wpaffiliatemanager Subscribe

Filtered by product Affiliates Manager

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-52148	1 Wpaffiliatemanager	1 Affiliates Manager	2024-01-10	N/A	5.3 MEDIUM
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager.This issue affects Affiliates Manager: from n/a through 2.9.30.
CVE-2021-25078	1 Wpaffiliatemanager	1 Affiliates Manager	2022-01-28	4.3 MEDIUM	6.1 MEDIUM
The Affiliates Manager WordPress plugin before 2.9.0 does not validate, sanitise and escape the IP address of requests logged by the click tracking feature, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admin viewing the tracked requests.