cleantalk
Vulnerabilities and Security Researches

WC Affiliate – A Full-fledged Affiliate Manager for WooCommerce, CVE-2025-47660

CVE, Research URL

CVE-2025-47660

Home page URL

Security reports for WC Affiliate – A Full-fledged Affiliate Manager for WooCommerce

Application

WC Affiliate – A Full-fledged Affiliate Manager for WooCommerce

Published on
May 23, 2025
Research Description
Deserialization of Untrusted Data vulnerability in Codexpert, Inc WC Affiliate allows Object Injection. This issue affects WC Affiliate: from n/a through 2.9.1.
Affected versions
Min -, max 2.9.
Status
vulnerable
Previous vulnerability researches
WPBakery Page Builder Addons by Livemesh (CVE-2024-30183) , Jun 07, 2024
WPBakery Page Builder Addons by Livemesh (b0af4c0e7ff387a5f71e14f8b5059a141fd5b7b9) , Jun 07, 2024
WPBakery Page Builder Addons by Livemesh (CVE-2023-50370) , Jun 07, 2024
WPBakery Page Builder Addons by Livemesh (CVE-2024-2079) , Jun 07, 2024
WPBakery Page Builder Addons by Livemesh (CVE-2024-43320) , Aug 20, 2024
New vulnerability
Raychat (CVE-2025-49236) , Jun 15, 2025
«Подсказки» от DaData.ru (CVE-2025-30931) , Jun 15, 2025
CubeWP – All-in-One Dynamic Content Framework (CVE-2025-30994) , Jun 15, 2025
CubeWP – All-in-One Dynamic Content Framework (CVE-2025-4315) , Jun 15, 2025
Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite Scroll, Load More, Pagination (CVE-2025-30974) , Jun 15, 2025