All 4 CVE vulnerabilities found in ThirstyAffiliates, with AI-generated Chinese analysis, references, and POCs.
Vendor: Unknown
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25024 | WordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 | 8.8AI | HighAI | 2026-02-03 |
| CVE-2025-67537 | WordPress ThirstyAffiliates plugin <= 3.11.8 - Cross Site Scripting (XSS) vulnerability CWE-79 | 5.4AI | MediumAI | 2025-12-09 |
| CVE-2022-0634 | ThirstyAffiliates < 3.10.5 - Subscriber+ unauthorized image upload + CSRF | 3.5 | - | 2022-04-25 |
| CVE-2021-24127 | ThirstyAffiliates < 3.9.3 - Authenticated Stored XSS CWE-79 | 5.4 | - | 2021-03-18 |
All 4 known CVE vulnerabilities affecting ThirstyAffiliates with full Chinese analysis, references, and POCs where available.