Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
2305.5%HIGH

Related CVEs

3
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-47633Cross-Site Request Forgery (CSRF) vulnerability in Awin Awin – Advertiser Tracking for WooCommerce awin-advertiser-tracking allows Cross Site Request Forgery.This issue affects Awin – Advertiser Tracking for WooCommerce: from n/a through <= 2.0.0.HIGH8.85.5%May 7, 2025
CVE-2022-1938The Awin Data Feed WordPress plugin before 1.8 does not sanitise and escape a header when processing request to generate analytics data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against a logged in admin viewing the plugin's settingsMEDIUM5.4Jul 11, 2022
CVE-2022-1937The Awin Data Feed WordPress plugin before 1.8 does not sanitise and escape a parameter before outputting it back via an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site ScriptingMEDIUM6.1Jul 11, 2022