cleantalk
Vulnerabilities and Security Researches

Affiliate Ads for ClickBank, CVE-2015-20106

CVE, Research URL

CVE-2015-20106

Home page URL

Security reports for Affiliate Ads for ClickBank

Application

Affiliate Ads for ClickBank

Published on
Dec 02, 2021
Research Description
The ClickBank Affiliate Ads WordPress plugin through 1.20 does not escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.
Affected versions
Min -, max 1.35.
Status
vulnerable
Previous vulnerability researches
Affiliate Ads for ClickBank (CVE-2015-20106) , Jun 07, 2024
Affiliate Ads for ClickBank (CVE-2015-20105) , Jun 07, 2024
New vulnerability
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2025-48125) , May 31, 2025
Minimal Share Buttons (CVE-2025-5259) , May 30, 2025
LA-Studio Element Kit for Elementor (CVE-2025-4943) , May 30, 2025
LA-Studio Element Kit for Elementor (CVE-2025-4944) , May 30, 2025
Essential Real Estate (CVE-2025-48126) , May 30, 2025