Vulnerabilities > Michaeluno

DATE CVE VULNERABILITY TITLE RISK
2024-10-04 CVE-2024-9349 Cross-site Scripting vulnerability in Michaeluno Auto Amazon Links
The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 5.4.2.
network
low complexity
michaeluno CWE-79
6.1
2024-02-01 CVE-2023-52175 Cross-site Scripting vulnerability in Michaeluno Auto Amazon Links
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Uno (miunosoft) Auto Amazon Links – Amazon Associates Affiliate Plugin allows Stored XSS.This issue affects Auto Amazon Links – Amazon Associates Affiliate Plugin: from n/a through 5.1.1.
network
low complexity
michaeluno CWE-79
5.4
2023-12-07 CVE-2023-45762 Open Redirect vulnerability in Michaeluno Responsive Column Widgets
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Michael Uno (miunosoft) Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7.
network
low complexity
michaeluno CWE-601
6.1
2023-11-14 CVE-2023-47520 Cross-site Scripting vulnerability in Michaeluno Responsive Column Widgets
Unauth.
network
low complexity
michaeluno CWE-79
6.1
2023-10-20 CVE-2023-4482 Cross-site Scripting vulnerability in Michaeluno Auto Amazon Links
The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping.
network
low complexity
michaeluno CWE-79
5.4