CVE-2022-40968

MEDIUM4.8JSON export Create alert

Description

Reflected Cross-Site Scripting (XSS) vulnerability in 2kb Amazon Affiliates Store plugin <=2.1.5 on WordPress.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Affected products

2kblater / 2kb Amazon Affiliates Storen/a – 2.1.5

References

MISChttps://patchstack.com/database/vulnerability/2kb-amazon-affiliates-store/wordpress-2kb-amazon-affiliates-store-plugin-2-1-5-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve