2kb Amazon Affiliates Store <= 2.1.5 – Reflected XSS | CVE 2022-40968

Affects Plugins

2kb-amazon-affiliates-store

No known fix

References

CVE

CVE-2022-40968

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

6.1 (medium)

Miscellaneous

Original Researcher

ptsfence

Verified

No

WPVDB ID

e30e78bf-4cda-443b-b776-c7b88cee1914

Timeline

Publicly Published

2022-10-24 (about 3 years ago)

Added

2022-12-04 (about 3 years ago)

Last Updated

2022-12-27 (about 3 years ago)

Other

Published

Title

Published

2024-07-17

Title

Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) < 5.6.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-09-30

Title

Happy Addons for Elementor < 3.12.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2022-03-29

Title

Anti-Malware Security and Brute-Force Firewall < 4.20.96 - Reflected Cross-Site Scripting

Published

2024-10-31

Title

(dp) AddThis <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2017-02-07

Title

XO Security < 1.5.3 - XSS