VYPR

Wp Auto Affiliate Links

by WordPress

Source repositories

CVEs (5)

  • CVE-2024-34386HigMay 6, 2024
    risk 0.49cvss 7.6epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lucian Apostol Auto Affiliate Links.This issue affects Auto Affiliate Links: from n/a through 6.4.3.1.

  • CVE-2023-35097HigJun 20, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Internet Marketing Dojo WP Affiliate Links plugin <= 0.1.1 versions.

  • CVE-2022-45840MedDec 13, 2024
    risk 0.42cvss 6.5epss 0.01

    Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Affiliate Links: from n/a through 6.2.1.5.

  • CVE-2024-9838MedMay 15, 2025
    risk 0.35cvss 5.4epss 0.00

    The Auto Affiliate Links WordPress plugin before 6.4.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks

  • CVE-2026-24592MedMay 25, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3.