cleantalk
Vulnerabilities and Security Researches

Savyour Affiliate Partner, CVE-2025-48306

CVE, Research URL

CVE-2025-48306

Home page URL

Security reports for Savyour Affiliate Partner

Application

Savyour Affiliate Partner

Published on
Aug 28, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in developers savyour Savyour Affiliate Partner allows Stored XSS. This issue affects Savyour Affiliate Partner: from n/a through 2.1.4.
Affected versions
Min -, max 2.1.4.
Status
vulnerable
Previous vulnerability researches
PPWP – Password Protect Pages (CVE-2024-0620) , Jun 06, 2024
PPWP – Password Protect Pages (CVE-2022-4626) , Jun 06, 2024
PPWP – Password Protect Pages (CVE-2025-5998) , Aug 27, 2025
PPWP – Password Protect Pages (CVE-2024-11280) , Dec 18, 2024
New vulnerability
Add Code To Head (CVE-2025-48314) , Aug 29, 2025
130+ Widgets | Best Addons For Elementor – FREE (CVE-2025-58195) , Aug 29, 2025
WP Bulk Delete (CVE-2025-58192) , Aug 29, 2025
Responsive Mobile-Friendly Tooltip (CVE-2025-48316) , Aug 29, 2025
Savyour Affiliate Partner (CVE-2025-48306) , Aug 29, 2025