CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-5287

The wp-affiliate-platform WordPress plugin before 6.5.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in user change them via a CSRF attack

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.6%

CVSS Severity

CVSS v3 Score 7.1

References

https://wpscan.com/vulnerability/b4fd535c-a273-419d-9e2e-be1cbd822793/
https://wpscan.com/vulnerability/b4fd535c-a273-419d-9e2e-be1cbd822793/

Products affected by CVE-2024-5287

Tipsandtricks-Hq » Wp Affiliate Platform » Version: 6.3.9

cpe:2.3:a:tipsandtricks-hq:wp_affiliate_platform:6.3.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5287

Products

Pricing

Contact Us