22 Sep

Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in 2kb Amazon Affiliates Store

The changelog entry for version 2.1.1 of the plugin 2kb Amazon Affiliates Store is “Security fix, thanks to Ricardo”. In looking over the changes made in that version we found it was a reflected cross-site scripting (XSS) vulnerability that was fixed. (After we finished up writing this post a report was released from the discoverer of the […]