Filtered by vendor Miunosoft
Subscriptions
Filtered by product Auto Amazon Links Amazon Associates Affiliate Plugin
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11451 | 2 Miunosoft, Wordpress | 2 Auto Amazon Links Amazon Associates Affiliate Plugin, Wordpress | 2025-11-12 | 7.5 High |
| The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to arbitrary files reads in all versions up to, and including, 5.4.3 via the '/wp-json/wp/v2/aal_ajax_unit_loading' RST API endpoint. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. | ||||
Page 1 of 1.