6.4.3

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-13	CVE-2024-1843	Missing Authorization vulnerability in Flamescorpion Auto Affiliate Links The Auto Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aalAddLink function in all versions up to, and including, 6.4.3. network low complexity flamescorpion CWE-862	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.