Vulnerabilities > Michaeluno > Auto Amazon Links > 5.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-04 | CVE-2024-9349 | Cross-site Scripting vulnerability in Michaeluno Auto Amazon Links The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 5.4.2. | 6.1 |
| 2023-10-20 | CVE-2023-4482 | Cross-site Scripting vulnerability in Michaeluno Auto Amazon Links The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. | 5.4 |