CVE-2025-47612
- EPSS 0.25%
- Veröffentlicht 07.05.2025 14:20:30
- Zuletzt bearbeitet 01.04.2026 17:24:09
Missing Authorization vulnerability in ClickWhale ClickWhale clickwhale allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ClickWhale: from n/a through <= 2.4.6.
CVE-2025-26963
- EPSS 0.14%
- Veröffentlicht 25.02.2025 15:15:29
- Zuletzt bearbeitet 01.04.2026 17:19:15
Cross-Site Request Forgery (CSRF) vulnerability in ClickWhale ClickWhale clickwhale allows Cross Site Request Forgery.This issue affects ClickWhale: from n/a through <= 2.4.3.
CVE-2025-0804
- EPSS 0.08%
- Veröffentlicht 29.01.2025 04:15:07
- Zuletzt bearbeitet 23.05.2025 15:27:23
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via link titles in all versions up to, and including, 2.4.1 due to insufficient input s...
CVE-2024-11327
- EPSS 1.91%
- Veröffentlicht 11.01.2025 03:15:19
- Zuletzt bearbeitet 05.06.2025 15:19:23
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on t...
CVE-2024-51715
- EPSS 0.21%
- Veröffentlicht 07.01.2025 11:15:08
- Zuletzt bearbeitet 01.04.2026 16:19:41
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale clickwhale allows Blind SQL Injection.This issue affects ClickWhale: from n/a through <= 2.4.1.