Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in affiliate-toolkit – WordPress Affiliate Plugin 3.4.5

  • Severity: medium-risk
  • Status: Open
  • Publication: March 25, 2024

A plugin called “affiliate-toolkit” used for WordPress has a security issue. It can be attacked by malicious code through ratings posted on the website. This can happen because the plugin does not properly clean up or protect against harmful code. As a result, attackers with certain levels of access can add code to pages that will run when someone visits those pages.

Detected in:

affiliate-toolkit fixed vulnerable versions:
affiliate-toolkit – Multi-Network Affiliate & Amazon Product Display fixed vulnerable versions:
affiliate-toolkit – WP Affiliate Plugin with Amazon fixed vulnerable versions:
affiliate-toolkit – WordPress Affiliate Plugin open vulnerable versions: >= * <= 3.4.5

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.