Servit Affiliate-toolkit — known CVE vulnerabilities
Every CVE whose affected-product data names Servit Affiliate-toolkit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-5877 — CVSS 9.8 (critical): The affiliate-toolkit WordPress plugin before 3.4.3 lacks authorization and authentication for requests to it's affiliate-toolkit-starter/to…
CVE-2023-46086 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SERVIT Software Solutions…
CVE-2024-1851 — CVSS 6.3 (medium): The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability…
CVE-2023-45105 — CVSS 4.7 (medium): URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SERVIT Software Solutions affiliate-toolkit – WordPress Affiliate…
CVE-2024-2298 — CVSS 4.3 (medium): The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability…