PT-2024-34787 · WordPress · Amazon Associate Filter
Soprobro
·
Published
2024-11-19
·
Updated
2024-11-23
·
CVE-2024-51643
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Amazon Associate Filter versions 0.4 and earlier
Description
A Cross-Site Request Forgery (CSRF) vulnerability allows Stored XSS attacks. This issue affects the Amazon Associate Filter plugin for WordPress. Remediation is crucial to safeguard sites.
Recommendations
Update the Amazon Associate Filter plugin to the latest version to protect your site.
As a temporary workaround, consider disabling the plugin until a patch is available.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Amazon Associate Filter