First published: Mon Nov 13 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links allows Stored XSS.This issue affects Auto Affiliate Links: from n/a through 6.4.2.4.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autoaffiliatelinks Auto Affiliate Links | <6.4.2.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-47652.
The severity of CVE-2023-47652 is high with a severity value of 7.1.
CVE-2023-47652 is a Cross-Site Request Forgery (CSRF) vulnerability in the Lucian Apostol Auto Affiliate Links plugin which allows Stored XSS.
The affected software for CVE-2023-47652 is Auto Affiliate Links plugin version up to but not including 6.4.2.5.
Yes, there is a fix available for CVE-2023-47652. It is recommended to update to Auto Affiliate Links plugin version 6.4.2.5 or later.