WP Affiliate Disclosure

Vulnerabilities 10Slug wp-affiliate-disclosureLatest version 1.4.0WordPress.org →

Minimum safe version

1.2.8

Update to 1.2.8 or later to address 10 fixable vulnerabilities

Latest available1.4.0
Medium 6.3
2024-10-16< 1.2.3

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE
Medium 6.5
2024-12-29< 1.2.8

WordPress WP Affiliate Disclosure Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVEWordfenceWPScan
N/A
2023-07-18< 1.2.6

WordPress WP Affiliate Disclosure Plugin < 1.2.6 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVE
N/A
2019-02-25< 1.1.4

Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update

Wordfence
N/A
2022-03-04< 1.2.3

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence
N/A
< 1.1.4

Freemius Library &lt; 2.2.4 - Subscriber+ Arbitrary Option Update

WPScan
N/A
2019-03-05< 1.1.4

WordPress WP Affiliate Disclosure plugin <=1.1.3 - Authenticated Option Update vulnerability (Fremius Library security issue)

Patchstack
N/A
2022-02-28< 1.2.3

WordPress WP Affiliate Disclosure plugin < 1.2.3 - Sensitive Information Disclosure vulnerability

Patchstack
N/A
2022-02-28< 1.2.3

WordPress WP Affiliate Disclosure plugin < 1.2.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack