5 matches found
CVE-2023-47652
CVE-2023-47652 affects the WordPress plugin Auto Affiliate Links (
CVE-2023-22689
CVE-2023-22689 affects the WordPress plugin “Auto Affiliate Links” and is triggered by a Cross-Site Request Forgery (CSRF) vulnerability in versions
CVE-2024-1843
CVE-2024-1843 (Auto Affiliate Links, WordPress) is a publicly known vulnerability in the WP Auto Affiliate Links plugin (affected versions up to 6.4.3) where a missing capability check in aalAddLink allows authenticated users with subscriber access or higher to modify data by adding arbitrary lin...
CVE-2023-25973
CVE-2023-25973 is a CSRF vulnerability in the WordPress plugin Lucian Apostol Auto Affiliate Links, affecting versions
CVE-2024-9838
The CVE pertains to the WordPress plugin Auto Affiliate Links, affected versions prior to 6.4.7. The underlying issue is insufficient sanitization/escaping of a parameter before its use in a SQL statement, enabling admin users to perform SQL injection. Reported remediation is to upgrade to versio...