All 3 CVE vulnerabilities found in Affiliate Program Suite — SliceWP Affiliates, with AI-generated Chinese analysis, references, and POCs.
Vendor: iovamihai
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6672 | Affiliate Program Suite <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via slicewp_affiliate_url Shortcode CWE-79 | 6.4 | Medium | 2026-05-06 |
| CVE-2024-12454 | Affiliate Program Suite — SliceWP Affiliates <= 1.1.23 - Cross-Site Request Forgery to Reflected Cross-Site Scripting CWE-352 | 6.1 | Medium | 2024-12-18 |
| CVE-2024-8714 | WordPress Affiliates Plugin — SliceWP Affiliates <= 1.1.20 - Reflected Cross-Site Scripting CWE-79 | 6.1 | Medium | 2024-09-13 |
All 3 known CVE vulnerabilities affecting Affiliate Program Suite — SliceWP Affiliates with full Chinese analysis, references, and POCs where available.