Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2025/12/21 4:12 a.m.15 views

CVE-2025-14735

The "Amazon affiliate lite Plugin" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS5AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/21 4:12 a.m.9 views

CVE-2025-14734

The Amazon affiliate lite Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the 'ADALsettingspage' function. This makes it possible for unauthenticated attackers to update...

5.4CVSS5.2AI score0.00101EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/20 6:30 a.m.3 views

EUVD-2025-204632

The "Amazon affiliate lite Plugin" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS4.6AI score0.002EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/20 6:30 a.m.5 views

EUVD-2025-204630

The Amazon affiliate lite Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the 'ADALsettingspage' function. This makes it possible for unauthenticated attackers to update...

5.4CVSS4.8AI score0.00101EPSS
Exploits0References3
NVD
NVD
added 2025/12/20 4:16 a.m.3 views

CVE-2025-14735

The "Amazon affiliate lite Plugin" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.002EPSS
Exploits0References3
NVD
NVD
added 2025/12/20 4:16 a.m.5 views

CVE-2025-14734

The Amazon affiliate lite Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the 'ADALsettingspage' function. This makes it possible for unauthenticated attackers to update...

5.4CVSS0.00101EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/20 3:20 a.m.2 views

CVE-2025-14734 Amazon affiliate lite Plugin <= 1.0.0 - Cross-Site Request Forgery to Plugin Settings Update

The Amazon affiliate lite Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the 'ADALsettingspage' function. This makes it possible for unauthenticated attackers to update...

5.4CVSS4.8AI score0.00101EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/20 3:20 a.m.20 views

CVE-2025-14734 Amazon affiliate lite Plugin <= 1.0.0 - Cross-Site Request Forgery to Plugin Settings Update

The Amazon affiliate lite Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the 'ADALsettingspage' function. This makes it possible for unauthenticated attackers to update...

5.4CVSS0.00101EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/20 3:20 a.m.15 views

CVE-2025-14735 Amazon affiliate lite Plugin <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

The "Amazon affiliate lite Plugin" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS0.002EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/20 3:20 a.m.2 views

CVE-2025-14735 Amazon affiliate lite Plugin <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

The "Amazon affiliate lite Plugin" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS4.7AI score0.002EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/20 12:0 a.m.6 views

PT-2025-52545

Name of the Vulnerable Software and Affected Versions Amazon affiliate lite Plugin versions prior to 1.0.1 Description The “Amazon affiliate lite Plugin” for WordPress is susceptible to Stored Cross-Site Scripting through admin settings. Insufficient input sanitization and output escaping allow...

4.4CVSS5.3AI score0.002EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/12/20 12:0 a.m.5 views

PT-2025-52544

Name of the Vulnerable Software and Affected Versions Amazon affiliate lite Plugin versions prior to 1.0.1 Description The Amazon affiliate lite Plugin for WordPress is susceptible to Cross-Site Request Forgery due to insufficient nonce validation within the ADAL settings page function. This allo...

5.4CVSS6.1AI score0.00101EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/20 12:0 a.m.3 views

WordPress plugin Amazon affiliate lite Plugin 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

5.4CVSS6.3AI score0.00101EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/20 12:0 a.m.3 views

WordPress plugin Amazon affiliate lite Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.4CVSS5.8AI score0.002EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/12/19 9:57 p.m.5 views

WordPress Amazon affiliate lite Plugin plugin <= 1.0.0 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Amazon affiliate lite versions = 1.0.0...

5.4CVSS6.7AI score0.00101EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/12/19 9:56 p.m.6 views

WordPress Amazon affiliate lite Plugin plugin <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Amazon affiliate lite versions = 1.0.0...

4.4CVSS5.5AI score0.002EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2025/11/25 12:0 a.m.2 views

WordPress Affiliate AI Lite plugin cross-site scripting vulnerability

WordPress Affiliate AI Lite plugin is an affiliate marketing plugin for WordPress designed to help users boost traffic and revenue through customer referral and promotion programs. The WordPress Affiliate AI Lite plugin suffers from a cross-site scripting vulnerability that stems from the...

6.4CVSS6AI score0.00194EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/20 10:6 p.m.6 views

WordPress Affiliate AI Lite plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin Affiliate AI Lite versions = 1.0.1...

6.4CVSS5.8AI score0.00194EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder