cleantalk
Vulnerabilities and Security Researches

Affiliate Power – Sales Tracking for Affiliate Marketers, 7fa9e95c22fbb07af86ccdaf0b6338b9f2dffb5a

CVE, Research URL

7fa9e95c22fbb07af86ccdaf0b6338b9f2dffb5a

Home page URL

Security reports for Affiliate Power – Sales Tracking for Affiliate Marketers

Application

Affiliate Power – Sales Tracking for Affiliate Marketers

Published on
Sep 13, 2021
Research Description
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers [affiliate-power] < 2.3.0 Affiliate Power – Sales Tracking for Affiliate Marketers <= 2.2.0 - Reflected Cross-Site Scripting The Affiliate Power – Sales Tracking for Affiliate Marketers plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
max 2.3.0.
Status
vulnerable
Previous vulnerability researches
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (8770281c773724cc3af31c3a3cbecbbf15603486) , Jun 06, 2024
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (7fa9e95c22fbb07af86ccdaf0b6338b9f2dffb5a) , Jun 16, 2026
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (3ceba7d6-4034-4220-9d2e-89f59c2050e3) , Jun 16, 2026
New vulnerability
Comments Not Replied To (5b3713deed1a3dea292f02df95019dd9a86448d8) , Jun 16, 2026
Custom Order Status for WooCommerce (8e67b1e8-1172-4634-9dac-93f54297931a) , Jun 16, 2026
WPshop 2 &#8211; E-Commerce (405aa69006f803e554963210e83e3bd549a1ebe1) , Jun 16, 2026
WPshop 2 &#8211; E-Commerce (85bb2718-2228-4405-8b50-76995dbf6862) , Jun 16, 2026
WPshop 2 &#8211; E-Commerce (0f9c01caef7f6babf3ec24ce1fd97b741071e5b9) , Jun 16, 2026