CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25100 – WordPress Coupon Referral Program Plugin <= 1.7.2 is vulnerable to PHP Object Injection
https://notcve.org/view.php?id=CVE-2024-25100
05 Feb 2024 — Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. Vulnerabilidad de deserialización de datos no confiables en WP Swings Coupon Referral Program. Este problema afecta a Coupon Referral Program: desde n/a hasta 1.7.2. The Coupon Referral Program plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.7.2 via deserialization of untrusted input. This makes it possible... • https://patchstack.com/database/vulnerability/coupon-referral-program/wordpress-coupon-referral-program-plugin-1-7-2-unauthenticated-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52190 – WordPress Coupon Referral Program Plugin <= 1.7.2 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-52190
03 Jan 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en WP Swings Coupon Referral Program. Este problema afecta a Coupon Referral Program: desde n/a hasta 1.7.2. The Coupon Referral Program plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.2. ... • https://patchstack.com/database/vulnerability/coupon-referral-program/wordpress-coupon-referral-program-plugin-1-7-2-unauthenticated-sensitive-data-pii-coupon-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •