PT-2025-35022 · WordPress · Dactum Clickbank Wordpress Plugin

Nguyen Xuan Chien

·

Published

2025-08-28

·

Updated

2025-08-28

·

CVE-2025-48353

Report an issue
CVSS v3.1
7.1
VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions:

dactum Clickbank WordPress Plugin (Niche Storefront) versions through 1.3.5

Description:

A Cross-Site Request Forgery (CSRF) vulnerability exists in dactum Clickbank WordPress Plugin (Niche Storefront), which also allows Stored Cross-Site Scripting (XSS).

Recommendations:

Update dactum Clickbank WordPress Plugin (Niche Storefront) to a version later than 1.3.5.

Fix

CSRF

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-48353

Affected Products

Dactum Clickbank Wordpress Plugin