Vulnerability Details CVE-2024-5285
The wp-affiliate-platform WordPress plugin before 6.5.2 does not have CSRF check in place when deleting affiliates, which could allow attackers to make a logged in user change delete them via a CSRF attack
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.7%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2024-5285
-
cpe:2.3:a:tipsandtricks-hq:wp_affiliate_platform:*