CVE-2025-46506 WordPress WpZon – Amazon Affiliate Plugin plugin <= 1.3 - CSRF to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Lora77 WpZon – Amazon Affiliate Plugin wpzon allows Reflected XSS.This issue affects WpZon – Amazon Affiliate Plugin: from n/a through = 1.3...

PT-2025-17812 · WordPress · Wpzon – Amazon Affiliate Plugin

Name of the Vulnerable Software and Affected Versions: WpZon – Amazon Affiliate Plugin versions 1.3 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Reflected XSS. Recommendations: For versions 1.3 and earlier, update to a version that contains a f...