CVE-2014-4598
Cross-site scripting (XSS) in the WordPress wp-tmkm-amazon-plugin (wp-tmkm-amazon-search.php) 1.5b and earlier via the AID parameter. Root cause: insufficient input sanitization/validation allowing injected script HTML. Affected: WordPress plugin wp-tmkm-amazon (version ≤1.5b). Impact: remote att...