cleantalk
Vulnerabilities and Security Researches

WordPress Affiliates Plugin — SliceWP Affiliates, CVE-2026-42653

CVE, Research URL

CVE-2026-42653

Home page URL

Security reports for WordPress Affiliates Plugin — SliceWP Affiliates

Application

WordPress Affiliates Plugin — SliceWP Affiliates

Published on
Jun 12, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iova.Mihai SliceWP allows Stored XSS. This issue affects SliceWP: from n/a through 1.2.6.
Affected versions
max 1.2.7.
Status
vulnerable
Previous vulnerability researches
Wireless Butler (CVE-2025-26997) , Apr 15, 2025
New vulnerability
wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin (CVE-2026-49080) , Jun 16, 2026
The Events Calendar (CVE-2026-49772) , Jun 16, 2026
WooCommerce Stripe Payment Gateway (CVE-2026-2381) , Jun 16, 2026
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026