Browse all 3 CVE security advisories affecting wp.insider, wpaffiliatemgr. AI-powered Chinese analysis, POCs, and references for each vulnerability.
wp.insider, wpaffiliatemgr is a WordPress affiliate management plugin designed to help website owners track and manage affiliate programs and commissions. Historically, it has been vulnerable to multiple security issues including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities. These weaknesses often stem from insufficient input validation and improper access controls. The plugin currently has three CVEs on record, highlighting ongoing security concerns. While no major public incidents have been widely reported, the consistent discovery of vulnerabilities suggests potential risks for users who fail to maintain updated versions. Proper implementation and regular security updates are crucial for mitigating these threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-52148 | WordPress Affiliates Manager Plugin <= 2.9.30 is vulnerable to Sensitive Data Exposure — Affiliates ManagerCWE-200 | 5.3 | Medium | 2024-01-05 |
| CVE-2023-52130 | WordPress Affiliates Manager Plugin <= 2.9.31 is vulnerable to Cross Site Request Forgery (CSRF) — Affiliates ManagerCWE-352 | 4.3 | Medium | 2024-01-05 |
| CVE-2023-28986 | WordPress Affiliates Manager Plugin <= 2.9.20 is vulnerable to Cross Site Request Forgery (CSRF) — Affiliates ManagerCWE-352 | 5.4 | Medium | 2023-07-10 |
This page lists every published CVE security advisory associated with wp.insider, wpaffiliatemgr. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.