cleantalk
Vulnerabilities and Security Researches

Affiliate Power – Sales Tracking for Affiliate Marketers, 3ceba7d6-4034-4220-9d2e-89f59c2050e3

CVE, Research URL

3ceba7d6-4034-4220-9d2e-89f59c2050e3

Home page URL

Security reports for Affiliate Power – Sales Tracking for Affiliate Marketers

Application

Affiliate Power – Sales Tracking for Affiliate Marketers

Published on
-
Research Description
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers [affiliate-power] < 2.3.0 Affiliate Power &lt; 2.3.0 - Reflected Cross-Site Scripting The plugin does not escape the page parameter in its Affiliate Power Sales dashboard before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue
Affected versions
max 2.3.0.
Status
vulnerable
Previous vulnerability researches
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (8770281c773724cc3af31c3a3cbecbbf15603486) , Jun 06, 2024
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (7fa9e95c22fbb07af86ccdaf0b6338b9f2dffb5a) , Jun 16, 2026
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (3ceba7d6-4034-4220-9d2e-89f59c2050e3) , Jun 16, 2026
New vulnerability
Coinbase Commerce &#8211; Crypto Gateway for WooCommerce (61af4ef8ee19e1224b67b8678be91e6a8c7d877b) , Jun 16, 2026
Coinbase Commerce &#8211; Crypto Gateway for WooCommerce (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (fc2d7281-abec-475b-8e8d-8dbc47de78da) , Jun 16, 2026
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (4336a858-e642-431f-9d69-9b8b5f6e5e36) , Jun 16, 2026
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (fbb699ffd6cd26aa92e9fbcfae6975f1a571a917) , Jun 16, 2026