Cservit Affiliate-toolkit – Multi-network Affiliate & Amazon Product Display
6 CVEs affecting Cservit Affiliate-toolkit – Multi-network Affiliate & Amazon Product Display. Latest disclosed: 2026-05-27. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-6169 | High | 7.2 | 2026-05-27 | The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 3.8.5. This is due to the plugin using… |
CVE-2024-10227 | Medium | 6.4 | 2024-10-29 | The affiliate-toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atkp_product shortcode in all versions up to, and incl… |
CVE-2024-1851 | Medium | 6.3 | 2024-03-08 | The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the atkp_crea… |
CVE-2024-10675 | Medium | 6.1 | 2024-11-21 | The affiliate-toolkit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via a URL in all versions up to, and including, 3.6.7 due to insuffi… |
CVE-2024-6562 | Medium | 5.3 | 2024-08-09 | The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5. This… |
CVE-2024-2298 | Medium | 4.3 | 2024-03-08 | The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the atkp_impo… |