Vulnerabilities > Michaeluno
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-04 | CVE-2024-9349 | Cross-site Scripting vulnerability in Michaeluno Auto Amazon Links The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 5.4.2. | 6.1 |
2024-02-01 | CVE-2023-52175 | Cross-site Scripting vulnerability in Michaeluno Auto Amazon Links Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Uno (miunosoft) Auto Amazon Links – Amazon Associates Affiliate Plugin allows Stored XSS.This issue affects Auto Amazon Links – Amazon Associates Affiliate Plugin: from n/a through 5.1.1. | 5.4 |
2023-12-07 | CVE-2023-45762 | Open Redirect vulnerability in Michaeluno Responsive Column Widgets URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Michael Uno (miunosoft) Responsive Column Widgets.This issue affects Responsive Column Widgets: from n/a through 1.2.7. | 6.1 |
2023-11-14 | CVE-2023-47520 | Cross-site Scripting vulnerability in Michaeluno Responsive Column Widgets Unauth. | 6.1 |
2023-10-20 | CVE-2023-4482 | Cross-site Scripting vulnerability in Michaeluno Auto Amazon Links The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. | 5.4 |