Cr1000 Affiliateimportereb vulnerabilities
2 known vulnerabilities affecting cr1000/affiliateimportereb.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-12732P4MEDIUMCVSS 6.1PoC≤ 1.0.62025-05-15
CVE-2024-12732 [MEDIUM] CWE-79 CVE-2024-12732: The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter befo
The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
nvd
CVE-2024-12733P4MEDIUMCVSS 6.1≤ 1.0.62025-05-15
CVE-2024-12733 [MEDIUM] CWE-79 CVE-2024-12733: The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter befo
The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
nvd