[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuC5bXnyCFXhgUOfXjmyAu6F11Rakt1lxNC0G7YD2554":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2022-45840","auto-affiliate-links-authenticated-subscriber-plugin-settings-change","Auto Affiliate Links \u003C= 6.2.1.5 - Authenticated (Subscriber+) Plugin Settings Change","The Auto Affiliate Links plugin for WordPress is vulnerable to improper access control via multiple AJAX actions in versions up to, and including, 6.2.1.5. This allows authenticated attackers with subscriber-level permissions or above to modify plugin settings such as adding exclusions for posts and words and to view statistics.","wp-auto-affiliate-links",null,"\u003C=6.2.1.5","6.2.1.6","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Improper Access Control","2023-02-06 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7f787c75-7b27-4256-ac0c-abc2988ea7c8?source=api-prod",351]