cleantalk
Vulnerabilities and Security Researches

Auto Affiliate Links, CVE-2026-24592

CVE, Research URL

CVE-2026-24592

Home page URL

Security reports for Auto Affiliate Links

Application

Auto Affiliate Links

Published on
May 26, 2026
Research Description
Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a through 6.8.8.3.
Affected versions
max 6.8.8.3.
Status
vulnerable
Previous vulnerability researches
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7129) , Sep 15, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7877) , Oct 17, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2024-7876) , Oct 17, 2024
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-3658) , Apr 13, 2026
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-3045) , Apr 13, 2026
New vulnerability
Export WP Page to Static HTML/CSS (CVE-2026-24574) , May 27, 2026
Team Showcase (CVE-2025-62745) , May 27, 2026
wpForo Forum (CVE-2026-42682) , May 27, 2026
Auto Affiliate Links (CVE-2026-24592) , May 27, 2026
Autoship Cloud for WooCommerce Subscription Products (CVE-2026-24527) , May 27, 2026