Multiple cross-site scripting (XSS) vulnerabilities in the 2kb Amazon Affiliates Store plugin prior to 2.1.1 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) page parameter or (2) kbAction parameter in the kbAmz page to wp-admin/admin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
2kblater 2kb amazon affiliates store |