CVE-2026-15296: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in cservit affiliate-toolkit – Multi-Network Affiliate & Amazon Product Display
The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress contains a stored cross-site scripting (XSS) vulnerability in the 'atkp_product' shortcode. This affects all versions up…
Read the full articleYou might also wanna read

WAF - WAF Release - 2025-08-04
This week's highlight focuses on a series of significant vulnerabilities identified across widely adopted web platforms, from enterprise-gra

WAF - WAF Release - 2025-06-09
This week’s update spotlights four critical vulnerabilities across CMS platforms, VoIP systems, and enterprise applications. Several flaws e

CVE-2025-14773: Cross-Site Scripting Vulnerability in ABB T-MAC Plus (Version 4.0-24)
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-M

WAF - WAF Release - 2025-10-23 - Emergency
This week highlights enhancements to detection signatures improving coverage for vulnerabilities in Adobe Commerce and Magento Open Source,

WAF - WAF Release - 2025-11-03
This week highlights enhancements to detection signatures improving coverage for vulnerabilities in Adobe Commerce and Magento Open Source,

Comments
Sign in to join the conversation.
No comments yet. Be the first.