Reflected XSS Vulnerability in Auto Amazon Links WordPress Plugin
The Auto Amazon Links – Amazon Associates Affiliate Plugin for WordPress has a Reflected Cross-Site Scripting issue. This happens because of improper escaping in the add_query_arg function for the URL. All versions until 5.4.2 have this issue. It allows attackers to insert harmful scripts into pages. The attacker needs to trick a user to click a link for the script to run.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
michaeluno auto amazon links |