VYPR

Affiliatex

by WordPress

Source repositories

CVEs (3)

  • CVE-2024-49692MedOct 29, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCenter AffiliateX affiliatex allows Stored XSS.This issue affects AffiliateX: from n/a through <= 1.2.9.

  • CVE-2025-13859MedJan 15, 2026
    risk 0.35cvss 6.4epss 0.00

    The AffiliateX – Amazon Affiliate Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_customization_settings AJAX action in versions 1.0.0 to 1.3.9.3. This makes it possible for authenticated attackers,…

  • CVE-2025-69346MedJan 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in WPCenter AffiliateX affiliatex allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AffiliateX: from n/a through <= 1.3.9.3.