Vulnerabilities and security researches foramazonsimpleadmin amazonsimpleadmin

Jun 06, 2024

CVE, Research URL: CVE-2023-27417
Home page URL: Security reports for Affiliate Super Assistent
Application: Affiliate Super Assistent
Date: Nov 13, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith Affiliate Super Assistent plugin <= 1.5.1 versions.
Affected versions: max 1.5.2.
Status: vulnerable

Sep 11, 2024

CVE, Research URL: CVE-2024-8478
Home page URL: Security reports for Affiliate Super Assistent
Application: Affiliate Super Assistent
Date: Sep 10, 2024
Research Description: The The Affiliate Super Assistent plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.5.3. This is due to the software allowing users to supply arbitrary shortcodes in comments when the 'Parse comments' option is enabled. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Affected versions: max 1.5.4.
Status: vulnerable

May 30, 2026

CVE, Research URL: CVE-2026-42759
Home page URL: Security reports for Affiliate Super Assistent
Application: Affiliate Super Assistent
Date: May 27, 2026
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timo Affiliate Super Assistent amazonsimpleadmin allows Stored XSS.This issue affects Affiliate Super Assistent: from n/a through <= 1.10.1.
Affected versions: max 1.10.1.
Status: vulnerable