Lucene search
HistoryNov 13, 2023 - 4:15 a.m.
CVE-2023-47652
cve-2023-47652
cross-site request forgery
stored xss
lucian apostol auto affiliate links
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.0%
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links allows Stored XSS.This issue affects Auto Affiliate Links: from n/a through 6.4.2.4.
Affected configurations
Node
autoaffiliatelinksauto_affiliate_linksRange<6.4.2.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| autoaffiliatelinks | auto_affiliate_links | * | cpe:2.3:a:autoaffiliatelinks:auto_affiliate_links:*:*:*:*:*:wordpress:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2023-11-13 04:15:00
vulnrichment
vulnrichment
cve
cve
CVE-2023-47652
2023-11-13 04:15:08
cvelist
cvelist
wpvulndb
wpvulndb
Auto Affiliate Links < 6.4.2.5 - Settings Update to Stored XSS via CSRF
2023-11-15 00:00:00
wordfence
wordfence
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.0%
Related for NVD:CVE-2023-47652