Primary

Context

AffiliateWP RewardsWP Plugin Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the AffiliateWP RewardsWP plugin, specifically in versions through 1.0.4. This vulnerability allows users to gain higher privileges than intended, potentially leading to unauthorized access or control over certain features or data.

Impact

Exploitation of this vulnerability could allow a user to escalate privileges, gaining access to higher-level permissions and potentially full control over the website.

Remediation

Users of the AffiliateWP RewardsWP plugin should update to version 1.0.5 or later to address this vulnerability. Patchstack users can enable auto-updates for vulnerable plugins.

Added: Mar 25, 2026, 6:21 PM

Updated: Mar 25, 2026, 6:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.6

remediation

0.0

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.6

remediation

0.0

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AffiliateWP RewardsWP Plugin Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating