Mojofywp WP Affiliate Disclosure Broken Access Control Vulnerability

Vulnerability

A vulnerability allowing broken access control has been identified in the Mojofywp WP Affiliate Disclosure plugin, specifically in versions through 1.2.6. This vulnerability is associated with Cross-Site Request Forgery (CSRF) issues.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed on behalf of a user, potentially allowing for changes to be made without proper authorization.

Added: Dec 21, 2025, 1:17 AM

Updated: Dec 21, 2025, 1:17 AM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mojofywp WP Affiliate Disclosure Broken Access Control Vulnerability

Vulnerability

Impact

Affected Products

mojofywp WP Affiliate Disclosure

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating