CVE-2017-14622 Scanner

The 2kb Amazon Affiliates Store plugin is a popular WordPress plugin used by many website owners to generate income through Amazon's affiliate program. This plugin allows users to easily create an Amazon product store on their website, with customizable templates and product displays. It is widely used by bloggers, marketers, and e-commerce stores to monetize their content and drive sales through Amazon.

However, the plugin has been found to have multiple cross-site scripting (XSS) vulnerabilities, including CVE-2017-14622. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the page or kbAction parameters in the kbAmz page to wp-admin/admin.php. Hackers can exploit this vulnerability to execute scripts on the website, steal sensitive information like user credentials, and even take over the entire website.

If this vulnerability is successfully exploited, it can have devastating consequences for website owners. Attackers can use it to gain unauthorized access to the website and its data, deface the website, or even use it as a launchpad for attacks against other websites and networks. Moreover, it can severely damage the reputation of the website and its owner, leading to loss of business and trust among customers.

If website owners are not sure about the security of their digital assets, they can rely on the securityforeveryone.com platform to quickly and easily scan and identify vulnerabilities in their websites, applications, and networks. With pro features like vulnerability scanning, automatic updates, and expert advice, website owners can rest assured that their digital assets are secure and protected against the latest threats and attacks.

REFERENCES

• securityfocus.com: 101050 
• https://packetstormsecurity.com/files/144261/WordPress-2kb-Amazon-Affiliates-Store-2.1.0-Cross-Site-Scripting.html 
• https://wordpress.org/plugins/2kb-amazon-affiliates-store/#developers