Vulnerabilities in AffiliateWP

2 results

CVE-2025-8877HIGHAffiliateWP <= 2.28.2 - Unauthenticated SQL InjectionEPSS 0.3%CVE-2023-4600MEDIUMThe AffiliateWP for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'affwp_activate_adEPSS 0.3%