Vulnerabilities and security researches forwecantrack wecantrack

May 27, 2025

CVE, Research URL: CVE-2024-12561
Home page URL: Security reports for Affiliate Sales in Google Analytics and other tools
Application: Affiliate Sales in Google Analytics and other tools
Date: May 21, 2025
Research Description: The Affiliate Sales in Google Analytics and other tools plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.4.9. This is due to insufficient validation on the redirect url supplied via the 'afflink' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
Affected versions: Min -, max -.
Status: vulnerable