WordPress EasyAzon plugin <= 5.1.0 - Reflected Cross-Site Scripting via easyazon-cloaking-locale vulnerability

Reflected Cross-Site Scripting via easyazon-cloaking-locale vulnerability discovered by Krzysztof Zając in WordPress Plugin EasyAzon versions = 5.1.0...

CVE-2023-6956

The EasyAzon – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘easyazon-cloaking-locale’ parameter in all versions up to, and including, 5.1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

PT-2024-15139 · Easyazon · Easyazon

Name of the Vulnerable Software and Affected Versions: EasyAzon – Amazon Associates Affiliate Plugin versions up to, and including, 5.1.0 Description: The issue is related to Reflected Cross-Site Scripting via the easyazon-cloaking-locale parameter due to insufficient input sanitization and outpu...