VYPR

Affiliate Links Lite

by WordPress

CVEs (2)

  • CVE-2024-13556HigFeb 18, 2025
    risk 0.53cvss 8.1epss 0.01

    The Affiliate Links: WordPress Plugin for Link Cloaking and Link Management plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.1 via deserialization of untrusted input from an file export. This makes it possible for…

  • CVE-2025-32639HigApr 17, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wecantrack Affiliate Links Lite affiliate-links allows Reflected XSS.This issue affects Affiliate Links Lite: from n/a through <= 3.1.0.