Medium severity6.5NVD Advisory· Published Feb 1, 2024· Updated Apr 28, 2026

CVE-2023-52175

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Uno (miunosoft) Auto Amazon Links – Amazon Associates Affiliate Plugin allows Stored XSS.This issue affects Auto Amazon Links – Amazon Associates Affiliate Plugin: from n/a through 5.1.1.

Affected products

Michaeluno/Auto Amazon Links
cpe:2.3:a:michaeluno:auto_amazon_links:*:*:*:*:*:wordpress:*:*
Range: <5.1.2

Patches

828f755aa3a8

https://github.com/michaeluno/amazon-auto-linksvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

patchstack.com/database/vulnerability/amazon-auto-links/wordpress-auto-amazon-links-amazon-associates-affiliate-plugin-5-0-5-auth-stored-cross-site-scripting-xss-vulnerabilitynvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000