VYPR

Affiliate For WooCommerce

by WordPress

CVEs (2)

  • CVE-2022-36284MedAug 5, 2022
    risk 0.42cvss 6.4epss 0.01

    Authenticated IDOR vulnerability in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress allows an attacker to change the PayPal email. WooCommerce PayPal Payments plugin (free) should be at least installed to get the extra input field on the user profile…

  • CVE-2022-25649MedAug 5, 2022
    risk 0.33cvss 5.0epss 0.01

    Multiple Improper Access Control vulnerabilities in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress.