Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
15020.7%HIGH

Related CVEs

5
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2024-9838The Auto Affiliate Links WordPress plugin before 6.4.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacksMEDIUM5.418.7%May 15, 2025
CVE-2024-1843The Auto Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aalAddLink function in all versions up to, and including, 6.4.3. This makes it possible for authenticated attackers, with subscriber access or higher, to add arbitrary links to posts.MEDIUM4.341.0%Mar 13, 2024
CVE-2023-47652Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links allows Stored XSS.This issue affects Auto Affiliate Links: from n/a through 6.4.2.4.MEDIUM6.110.9%Nov 13, 2023
CVE-2023-22689Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions.HIGH8.816.9%May 20, 2023
CVE-2023-25973Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3.0.2 versions.HIGH8.816.0%Mar 13, 2023