Medium 6.1
2026-05-01< 5.19.0
CVE-2024-13362
Coupon Affiliates – Affiliate Plugin for WooCommerce
Minimum safe version
7.6.0
Update to 7.6.0 or later to address 22 fixable vulnerabilities
Latest available7.8.0 ✓
N/A
2026-04-21< 7.6.0
Coupon Affiliates – Affiliate Plugin for WooCommerce <= 7.5.3 - Unauthenticated Stored Cross-Site Scripting
Medium 4.3
2025-09-22< 6.8.1
Coupon Affiliates <= 6.8.0 - Missing Authorization
Medium 5.3
2025-10-27< 7.2.1
CVE-2025-62884
Medium 6.5
2025-08-20< 6.4.2
CVE-2025-54025
Medium 6.5
2025-07-16< 6.4.1
CVE-2025-54022
Medium 6.1
2025-04-18< 6.3.1
Coupon Affiliates – Affiliate Plugin for WooCommerce <= 6.3.0 - Reflected Cross-Site Scripting via 'commission_summary' Parameter
Medium 6.5
2024-12-13< 5.16.7.2
CVE-2024-12421
Medium 6.3
2024-10-16< 4.16.4
Freemius SDK <= 2.4.2 - Missing Authorization Checks
High 7.1
2024-03-19< 5.12.8
CVE-2024-29125
N/A
< 4.11.0.2
Coupon Affiliates for WooCommerce < 4.11.0.2 - Reflected Cross-Site Scripting
N/A
< 4.11.3.4
Coupon Affiliates for WooCommerce < 4.11.3.4 - Arbitrary Referral Visits Deletion via CSRF
N/A
2023-07-18< 5.6.0
WordPress Coupon Affiliates Plugin < 5.6.0 is vulnerable to Cross Site Scripting (XSS)
High 7.1
2023-08-14< 5.4.6
CVE-2023-30475
High 7.1
2023-06-26< 5.4.4
CVE-2023-28992
N/A
2021-08-24< 4.11.0.2
WooCommerce Affiliate Plugin – Coupon Affiliates <= 4.11.0.1 - Reflected Cross-Site Scripting
N/A
2021-10-11< 4.11.3.4
WooCommerce Affiliate Plugin – Coupon Affiliates < 4.11.3.4 - Cross-Site Request Forgery
N/A
2022-03-04< 4.16.4
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2021-08-24< 4.11.0.2
WordPress Coupon Affiliates plugin <= 4.11.0.1 - Reflected Cross-Site Scripting (XSS) vulnerability
N/A
2022-02-28< 4.16.4.5
WordPress Coupon Affiliates plugin < 4.16.4.5 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 4.16.4.5
WordPress Coupon Affiliates plugin < 4.16.4.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Medium 6.1
2022-03-28< 4.16.4.5
CVE-2022-0818