CVE-2021-24127

Name of the Vulnerable Software and Affected Versions: ThirstyAffiliates Affiliate Link Manager WordPress plugin versions prior to 3.9.3

Description: The issue is related to unvalidated input and a lack of output encoding, which made the ThirstyAffiliates Affiliate Link Manager WordPress plugin vulnerable to authenticated Stored Cross-Site Scripting (XSS). This could potentially lead to privilege escalation.

Recommendations: For versions prior to 3.9.3, update to version 3.9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.