A popular plugin called “Coupon Affiliates” for the website building platform WordPress has a security issue. This issue, known as Cross-Site Request Forgery, allows attackers to perform unauthorized actions if they can trick a site administrator into clicking a link. This vulnerability exists in all versions of the plugin up to version 6.4.0.