N/A
2026-05-06< 1.2.7
Affiliate Program Suite — SliceWP Affiliates <= 1.2.6 - Unauthenticated Stored Cross-Site Scripting
Affiliate Program Suite — SliceWP Affiliates
Minimum safe version
1.2.8
Update to 1.2.8 or later to address 9 fixable vulnerabilities
Latest available1.2.8 ✓
Medium 6.4
2026-05-06< 1.2.8
CVE-2026-6672
Medium 6.1
2024-12-18< 1.1.24
CVE-2024-12454
High 7.1
2024-10-05< 1.1.19
CVE-2024-47388
Medium 6.1
2024-09-16< 1.1.21
WordPress SliceWP Plugin <= 1.1.20 is vulnerable to Cross Site Scripting (XSS)
Medium 5.9
2024-05-06< 1.1.11
CVE-2024-34413
N/A
< 1.0.46
SliceWP < 1.0.46 - Reflected Cross-Site Scripting (XSS)
N/A
2021-08-09< 1.0.46
WordPress Affiliates Plugin — SliceWP Affiliates <= 1.0.45 - Cross-Site Scripting
N/A
2021-08-09< 1.0.46
WordPress SliceWP plugin <= 1.0.45 - Reflected Cross-Site Scripting (XSS) vulnerability