Medium 4.3
2024-02-05< 2.9.35
CVE-2024-0859
Affiliates Manager
Minimum safe version
2.9.35
Update to 2.9.35 or later to address 19 fixable vulnerabilities
Latest available2.9.50 ✓
Medium 4.3
2024-12-28< 2.9.32
WordPress Affiliates Manager Plugin <= 2.9.31 is vulnerable to Cross Site Request Forgery (CSRF)
Medium 5.3
2024-12-28< 2.9.31
WordPress Affiliates Manager Plugin <= 2.9.30 is vulnerable to Sensitive Data Exposure
N/A
< 2.9.14
Affiliates Manager < 2.9.14 - Reflected Cross-Site Scripting
N/A
< 2.9.14
Affiliates Manager < 2.9.14 - Arbitrary Affiliates & Creatives Deletion via CSRF
Medium 5.4
2023-07-10< 2.9.21
CVE-2023-28986
N/A
2020-09-11< 2.7.8
Affiliates Manager <= 2.7.7 - Cross-Site Scripting
N/A
2022-08-16< 2.9.14
Affiliates Manager <= 2.9.13 - Reflected Cross-Site Scripting
N/A
2022-08-16< 2.9.14
Affiliates Manager <= 2.9.13 - Cross-Site Request Forgery
N/A
< 2.7.8
Affiliate Manager < 2.7.8 - Unauthenticated Stored Cross-Site Scripting (XSS)
High 8.0
2022-09-16< 2.9.14
CVE-2022-2798
Medium 4.8
2022-09-16< 2.9.14
CVE-2022-2799
N/A
2022-08-16< 2.9.14
WordPress Affiliates Manager Plugin <= 2.9.13 - Arbitrary Affiliates & Creatives Deletion via CSRF vulnerability
N/A
2022-08-16< 2.9.14
WordPress Affiliates Manager Plugin <= 2.9.13 - Reflected Cross-Site Scripting vulnerability
N/A
2019-06-16< 2.6.6
WordPress Affiliates Manager plugin <= 2.6.5 - Cross-Site Request Forgery (CSRF) vulnerability
N/A
2021-12-23< 2.9.0
WordPress Affiliates Manager plugin <= 2.8.9 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
High 8.8
2019-09-03< 2.6.6
CVE-2019-15868
High 7.2
2021-11-08< 2.8.7
CVE-2021-24844
Medium 6.1
2025-10-03< 2.9.0
CVE-2021-25078