Codexpert Wc Affiliate — known CVE vulnerabilities
Every CVE whose affected-product data names Codexpert Wc Affiliate, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-12321 — CVSS 7.1 (high): The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to…
CVE-2024-12336 — CVSS 6.5 (medium): The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a…
CVE-2024-12334 — CVSS 6.1 (medium): The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via any…