Vulnerabilities > Servit > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-03-08 CVE-2024-1851 Missing Authorization vulnerability in Servit Affiliate-Toolkit
The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the atkp_create_list() function in all versions up to, and including, 3.5.4.
network
low complexity
servit CWE-862
6.5
6.5
2023-12-19 CVE-2023-45105 Unspecified vulnerability in Servit Affiliate-Toolkit
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate Plugin.This issue affects affiliate-toolkit – WordPress Affiliate Plugin: from n/a through 3.3.9.
network
low complexity
servit
6.1
6.1
2023-11-30 CVE-2023-46086 Unspecified vulnerability in Servit Affiliate-Toolkit
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate Plugin allows Reflected XSS.This issue affects affiliate-toolkit – WordPress Affiliate Plugin: from n/a through 3.4.3.
network
low complexity
servit
6.1
6.1
2023-05-10 CVE-2023-23786 Unspecified vulnerability in Servit Affiliate-Toolkit
Auth.
network
low complexity
servit
5.4
5.4