Vulnerabilities > WP Affiliate Platform Project

DATE CVE VULNERABILITY TITLE RISK
2022-11-29 CVE-2022-3896 Cross-site Scripting vulnerability in WP Affiliate Platform Project WP Affiliate Platform 6.3.9
The WP Affiliate Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER["REQUEST_URI"] in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping.
network
low complexity
wp-affiliate-platform-project CWE-79
6.1
2022-11-29 CVE-2022-3897 Cross-site Scripting vulnerability in WP Affiliate Platform Project WP Affiliate Platform 6.3.9
The WP Affiliate Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping.
network
low complexity
wp-affiliate-platform-project CWE-79
4.8
2022-11-29 CVE-2022-3898 Cross-Site Request Forgery (CSRF) vulnerability in WP Affiliate Platform Project WP Affiliate Platform 6.3.9
The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9.
network
low complexity
wp-affiliate-platform-project CWE-352
6.5