| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-62884 | WordPress Coupon Affiliates plugin <= 7.2.0 - Broken Access Control vulnerability | Elliot Sowersby / RelyWP | Coupon Affiliates | Medium | 5.3 | 2025-10-27 01:33:44 | Deep Dive |
| CVE-2025-59567 | WordPress Coupon Affiliates Plugin <= 6.8.0 - Broken Access Control Vulnerability | Elliot Sowersby / RelyWP | Coupon Affiliates | Medium | 5.5 | 2025-09-22 18:26:00 | Deep Dive |
| CVE-2025-54025 | WordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change Vulnerability | Elliot Sowersby / RelyWP | Coupon Affiliates | Medium | 6.5 | 2025-08-20 08:03:02 | Deep Dive |
| CVE-2025-54022 | WordPress Coupon Affiliates plugin <= 6.4.0 - Cross Site Request Forgery (CSRF) Vulnerability | Elliot Sowersby / RelyWP | Coupon Affiliates | Medium | 6.5 | 2025-07-16 10:36:45 | Deep Dive |
| CVE-2025-3598 | Coupon Affiliates – Affiliate Plugin for WooCommerce <= 6.3.0 - Reflected Cross-Site Scripting via 'commission_summary' Parameter | elliotvs | Coupon Affiliates – Affiliate Plugin for WooCommerce | Medium | 6.1 | 2025-04-18 05:23:00 | Deep Dive |
| CVE-2024-12421 | Coupon Affiliates – Affiliate Plugin for WooCommerce <= 5.16.7.1 - Unauthenticated Arbitrary Shortcode Execution and Reflected Cross-Site Scripting | elliotvs | Coupon Affiliates – Affiliate Plugin for WooCommerce | Medium | 6.5 | 2024-12-13 08:24:49 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-29125 | WordPress Coupon Affiliates plugin <= 5.12.7 - Reflected Cross Site Scripting (XSS) vulnerability | Elliot Sowersby / RelyWP | Coupon Affiliates | High | 7.1 | 2024-03-19 14:25:40 | Deep Dive |
| CVE-2023-30475 | WordPress Coupon Affiliates Plugin <= 5.4.5 is vulnerable to Cross Site Scripting (XSS) | Elliot Sowersby, RelyWP | WooCommerce Affiliate Plugin – Coupon Affiliates | High | 7.1 | 2023-08-14 13:53:32 | Deep Dive |
| CVE-2023-28992 | WordPress Coupon Affiliates Plugin <= 5.4.3 is vulnerable to Cross Site Scripting (XSS) | Elliot Sowersby, RelyWP | Coupon Affiliates – WooCommerce Affiliate Plugin | High | 7.1 | 2023-06-26 05:21:44 | Deep Dive |
| CVE-2022-0818 | Coupon Affiliates < 4.16.4.5 - Unauthenticated Stored XSS | Unknown | WooCommerce Affiliate Plugin – Coupon Affiliates | 中危 | - | 2022-03-28 17:23:25 | Deep Dive |