Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total8
Critical0
High1
Medium7
Reset
Showing 1-8 of 8 records
Threat Entry Updated 2025-07-07

CVE-2024-5285 - Wp Affiliate Platform Plugin

The wp-affiliate-platform WordPress plugin before 6.5.2 does not have CSRF check in place when deleting affiliates, which could allow attackers to make a logged in user change delete them via a CSRF attack

PLUGIN Wp Affiliate Platform

CVE-2024-5285

MEDIUM CVSS 5.5 2024-07-29
Open Full Technical Breakdown
Threat Entry Updated 2025-05-19

CVE-2024-5287 - Wp Affiliate Platform Plugin

The wp-affiliate-platform WordPress plugin before 6.5.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in user change them via a CSRF attack

PLUGIN Wp Affiliate Platform

CVE-2024-5287

HIGH CVSS 7.1 2024-07-13
Open Full Technical Breakdown
Threat Entry Updated 2025-05-19

CVE-2024-5284 - Wp Affiliate Platform Plugin

The wp-affiliate-platform WordPress plugin before 6.5.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack

PLUGIN Wp Affiliate Platform

CVE-2024-5284

MEDIUM CVSS 6.8 2024-07-13
Open Full Technical Breakdown
Threat Entry Updated 2025-05-19

CVE-2024-5283 - Wp Affiliate Platform Plugin

The wp-affiliate-platform WordPress plugin before 6.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

PLUGIN Wp Affiliate Platform

CVE-2024-5283

MEDIUM CVSS 6.1 2024-07-13
Open Full Technical Breakdown
Threat Entry Updated 2025-05-19

CVE-2024-5282 - Wp Affiliate Platform Plugin

The wp-affiliate-platform WordPress plugin before 6.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

PLUGIN Wp Affiliate Platform

CVE-2024-5282

MEDIUM CVSS 6.1 2024-07-13
Open Full Technical Breakdown
Threat Entry Updated 2025-05-19

CVE-2024-5281 - Wp Affiliate Platform Plugin

The wp-affiliate-platform WordPress plugin before 6.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

PLUGIN Wp Affiliate Platform

CVE-2024-5281

MEDIUM CVSS 6.1 2024-07-13
Open Full Technical Breakdown
Threat Entry Updated 2025-05-19

CVE-2024-5286 - Wp Affiliate Platform Plugin

The wp-affiliate-platform WordPress plugin before 6.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

PLUGIN Wp Affiliate Platform

CVE-2024-5286

MEDIUM CVSS 4.8 2024-07-13
Open Full Technical Breakdown
Threat Entry Updated 2025-05-19

CVE-2024-5280 - Wp Affiliate Platform Plugin

The wp-affiliate-platform WordPress plugin before 6.5.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make non-logged in users execute an XSS payload via a CSRF attack

PLUGIN Wp Affiliate Platform

CVE-2024-5280

MEDIUM CVSS 4.7 2024-07-13
Open Full Technical Breakdown
Scroll to top