CVE-2024-9349
- EPSS 2.33%
- Veröffentlicht 04.10.2024 05:15:12
- Zuletzt bearbeitet 10.10.2024 20:25:57
The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 5.4.2. This ...
CVE-2023-52175
- EPSS 0.08%
- Veröffentlicht 01.02.2024 10:15:08
- Zuletzt bearbeitet 21.11.2024 08:39:19
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Uno (miunosoft) Auto Amazon Links – Amazon Associates Affiliate Plugin allows Stored XSS.This issue affects Auto Amazon Links – Amazon Assoc...
CVE-2023-4482
- EPSS 0.11%
- Veröffentlicht 20.10.2023 07:15:15
- Zuletzt bearbeitet 21.11.2024 08:35:15
The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...