Description
WordPress Plugin WP Affiliate Disclosure is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently perform a variety of the plugin's actions or even take over a website. WordPress Plugin WP Affiliate Disclosure version 1.1.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.4 or latest
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4400)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-31618)
WordPress Plugin Limit Attempts by BestWebSoft Cross-Site Scripting (1.1.7)
WordPress Plugin Product Table by WBW Remote Code Execution (2.0.1)