Lucene search
PatchstackCVE-2023-47652HistoryNov 13, 2023 - 4:15 a.m.
CVE-2023-47652
2023-11-1304:15:08
CWE-352
Patchstack
web.nvd.nist.gov
32
cve-2023-47652
csrf
lucian apostol
auto affiliate links
stored xss
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
17.0%
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links allows Stored XSS.This issue affects Auto Affiliate Links: from n/a through 6.4.2.4.
Affected configurations
Node
autoaffiliatelinksauto_affiliate_linksRange<6.4.2.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| autoaffiliatelinks | auto_affiliate_links | * | cpe:2.3:a:autoaffiliatelinks:auto_affiliate_links:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-auto-affiliate-links",
"product": "Auto Affiliate Links",
"vendor": "Lucian Apostol",
"versions": [
{
"changes": [
{
"at": "6.4.2.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.2.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
prion
prion
Cross site request forgery (csrf)
2023-11-13 04:15:00
cvelist
cvelist
wpvulndb
wpvulndb
Auto Affiliate Links < 6.4.2.5 - Settings Update to Stored XSS via CSRF
2023-11-15 00:00:00
nvd
nvd
CVE-2023-47652
2023-11-13 04:15:08
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for CVE-2023-47652