CVE-2025-47612
- EPSS 0.25%
- Veröffentlicht 07.05.2025 14:20:30
- Zuletzt bearbeitet 23.05.2025 12:23:15
Missing Authorization vulnerability in flowdee ClickWhale allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ClickWhale: from n/a through 2.4.6.
CVE-2025-26963
- EPSS 0.06%
- Veröffentlicht 25.02.2025 15:15:29
- Zuletzt bearbeitet 21.05.2025 17:11:20
Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale allows Cross Site Request Forgery. This issue affects ClickWhale: from n/a through 2.4.3.
CVE-2025-0804
- EPSS 0.03%
- Veröffentlicht 29.01.2025 04:15:07
- Zuletzt bearbeitet 23.05.2025 15:27:23
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via link titles in all versions up to, and including, 2.4.1 due to insufficient input s...
CVE-2024-11327
- EPSS 1.46%
- Veröffentlicht 11.01.2025 03:15:19
- Zuletzt bearbeitet 05.06.2025 15:19:23
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on t...
CVE-2024-51715
- EPSS 0.43%
- Veröffentlicht 07.01.2025 11:15:08
- Zuletzt bearbeitet 09.06.2025 19:30:31
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages allows Blind SQL Injection.This issue affect...