WordPress Plugin Auto Amazon Links - Amazon Associates Affiliate Arbitrary File Read Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An arbitrary file read vulnerability exists in the WordPress plugin Auto Amazon Links - Amazon...

EUVD-2024-49875

Malicious code in bioql PyPI...

CVE-2024-9349 Auto Amazon Links – Amazon Associates Affiliate Plugin <= 5.4.2 - Reflected Cross-Site Scripting

The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 5.4.2. This makes it possible for unauthenticated attackers t...

CVE-2023-6956

CVE-2023-6956 concerns the EasyAzon – Amazon Associates Affiliate Plugin for WordPress. The vulnerability is a Reflected XSS in the easyazon-cloaking-locale parameter affecting all versions up to and including 5.1.0, caused by insufficient input sanitization and output escaping. This enables unau...

CVE-2023-6956 EasyAzon – Amazon Associates Affiliate Plugin <= 5.1.0 - Reflected Cross-Site Scripting via easyazon-cloaking-locale

The EasyAzon – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘easyazon-cloaking-locale’ parameter in all versions up to, and including, 5.1.0 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2023-52175

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Uno miunosoft Auto Amazon Links – Amazon Associates Affiliate Plugin allows Stored XSS.This issue affects Auto Amazon Links – Amazon Associates Affiliate Plugin: from n/a through 5.1.1...

CVE-2023-52175

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Uno miunosoft Auto Amazon Links – Amazon Associates Affiliate Plugin allows Stored XSS.This issue affects Auto Amazon Links – Amazon Associates Affiliate Plugin: from n/a through 5.1.1...

CVE-2023-52175

CVE-2023-52175 affects the WordPress Auto Amazon Links – Amazon Associates Affiliate Plugin up through version 5.1.1. Root cause: improper neutralization of input during web page generation, enabling stored XSS. A fix is available in 5.1.2; update to a version later than 5.1.1 to mitigate. Patchs...

WordPress Affiliate Link Builder Plugin for Amazon Associates – Review Engine Plugin <= 1.0.41 is vulnerable to Cross Site Scripting (XSS)

Software Affiliate Link Builder Plugin for Amazon Associates – Review Engine Type Plugin Vulnerable versions = 1.0.41 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...

WordPress Affiliate Link Builder Plugin for Amazon Associates – Review Engine plugin <= 1.0.41 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Affiliate Link Builder Plugin for Amazon Associates – Review Engine plugin versions = 1.0.41. Solution No patched version available...

http-affiliate-id NSE Script

Grabs affiliate network IDs e.g. Google AdSense or Analytics, Amazon Associates, etc. from a web page. These can be used to identify pages with the same owner. If there is more than one target using an ID, the postrule of this script shows the ID along with a list of the targets using it. Support...