Lucene search
K

198 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.8 views

CVE-2026-24592

Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3...

5.3CVSS5.4AI score0.00231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.15 views

CVE-2026-7330

The Auto Affiliate Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.8.8 This is due to insufficient input sanitization on the 'url' POST parameter in the aalurlstatssaveaction function and a complete absence of output escaping in...

7.2CVSS5.7AI score0.00366EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 10:16 p.m.14 views

CVE-2026-24592

Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3...

5.3CVSS0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/25 9:31 p.m.7 views

CVE-2026-24592 WordPress Auto Affiliate Links plugin <= 6.8.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/25 9:31 p.m.8 views

CVE-2026-24592

Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References2
CVE
CVE
added 2026/05/25 9:31 p.m.20 views

CVE-2026-24592

CVE-2026-24592 affects WordPress Auto Affiliate Links plugin

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/25 9:31 p.m.22 views

CVE-2026-24592 WordPress Auto Affiliate Links plugin <= 6.8.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3...

5.3CVSS0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/25 9:31 p.m.12 views

EUVD-2026-31748

Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/25 9:30 p.m.12 views

WordPress Auto Affiliate Links plugin <= 6.8.8.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Affiliate Links versions = 6.8.8.3...

5.3CVSS5.8AI score0.00231EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

WordPress plugin Auto Affiliate Links 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.19 views

PT-2026-43135

Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/08 9:56 a.m.14 views

WordPress Auto Affiliate Links plugin <= 6.8.8 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by DJumanto in WordPress Plugin Auto Affiliate Links versions = 6.8.8...

7.2CVSS5.8AI score0.00366EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/08 9:31 a.m.10 views

EUVD-2026-28540

The Auto Affiliate Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.8.8 This is due to insufficient input sanitization on the 'url' POST parameter in the aalurlstatssaveaction function and a complete absence of output escaping in...

7.2CVSS6AI score0.00366EPSS
Exploits0References13
NVD
NVD
added 2026/05/08 9:16 a.m.16 views

CVE-2026-7330

The Auto Affiliate Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.8.8 This is due to insufficient input sanitization on the 'url' POST parameter in the aalurlstatssaveaction function and a complete absence of output escaping in...

7.2CVSS0.00366EPSS
Exploits0References12
CVE
CVE
added 2026/05/08 8:26 a.m.14 views

CVE-2026-7330

The CVE-2026-7330 entry concerns the WordPress plugin Auto Affiliate Links (

7.2CVSS6AI score0.00366EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.8 views

WordPress plugin Auto Affiliate Links 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.2CVSS5.8AI score0.00366EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.17 views

PT-2026-38893

Name of the Vulnerable Software and Affected Versions Auto Affiliate Links versions prior to 6.8.9 Description The plugin is subject to Stored Cross-Site Scripting due to insufficient input sanitization of the url POST parameter within the aal url stats save action function and a lack of output...

7.2CVSS5.9AI score0.00366EPSS
Exploits0References16
Snyk
Snyk
added 2026/04/14 11:47 a.m.6 views

Malicious Package

Overview ms-affiliate-links is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/14 11:47 a.m.8 views

Malicious code in ms-affiliate-links (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 341048b16926b4d40796ca96aef3816934a2b84602c26451638154b6d90ab5d8 The package ms-affiliate-links was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/14 11:47 a.m.3 views

MAL-2026-2643 Malicious code in ms-affiliate-links (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 341048b16926b4d40796ca96aef3816934a2b84602c26451638154b6d90ab5d8 The package ms-affiliate-links was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Rows per page
Query Builder