CVE Alert: CVE-2025-11451 – miunosoft – Auto Amazon Links – Amazon Associates Affiliate Plugin
CVE-2025-11451
The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 5.4.3 via the ‘/wp-json/wp/v2/aal_ajax_unit_loading’ REST API endpoint. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
AI Summary Analysis
**Risk verdict**: High risk: unauthenticated arbitrary file read via a public REST endpoint could disclose sensitive server data; patch promptly.
**Why this matters**: The flaw enables remote disclosure of configuration and other sensitive files, potentially exposing credentials or secrets and enabling further compromise. For organisations, this can drive data breaches, regulatory penalties, downtime, and reputational harm, especially on public WordPress sites or those hosting private keys, tokens, or config files.
**Most likely attack path**: Attacks require no authentication and can be executed over the network against vulnerable installations with the affected plugin active and the endpoint exposed. An attacker can send requests to the REST endpoint to read arbitrary files; no user interaction is needed (UI: No). Scope remains within the affected component, but the attacker’s goal is to exfiltrate sensitive data from the server.
**Who is most exposed**: WordPress sites running this plugin in publicly accessible hosting environments or misconfigured deployments are at highest risk, particularly if the plugin is integral to content or affiliate workflows and REST API access is unrestricted.
**Detection ideas**:
- Unauthenticated requests to /wp-json/wp/v2/aal_ajax_unit_loading from external sources.
- Repeated or unusual file-path read attempts (e.g., targeting wp-config.php or other sensitive files).
- WAF/IDS alerts for this endpoint or path traversal patterns.
- Spikes in REST API traffic from unknown IPs or geographies.
- Irregular error responses or content leakage in responses.
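As an added illustration of the detection ideas above (example code written for this alert, not from the plugin vendor or the advisory), a small Python scanner over web-server access logs that flags requests to the endpoint carrying the traversal or sensitive-file indicators listed and reports sources that hit it repeatedly. The log format, burst threshold, sample lines and the `param` query-parameter name are assumptions or constructed values.

```python
import re
from collections import Counter
from urllib.parse import unquote

ENDPOINT = "/wp-json/wp/v2/aal_ajax_unit_loading"
BURST_THRESHOLD = 5  # requests per source IP to the endpoint; assumed tuning value
# Indicators named in the advisory: traversal sequences and sensitive-file names
INDICATORS = re.compile(r"\.\.[/\\]|wp-config\.php|/etc/passwd", re.IGNORECASE)
# Apache/nginx combined-style access log: ip ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def normalize(target):
    """Percent-decode twice so %2e%2e and double-encoded %252e%252e both surface."""
    return unquote(unquote(target))

def analyze(lines):
    """Return (flagged_requests, bursty_ips) for requests that reach ENDPOINT."""
    flagged, per_ip = [], Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than abort the whole run
        target = normalize(m["target"])
        if not target.startswith(ENDPOINT):
            continue
        per_ip[m["ip"]] += 1
        if INDICATORS.search(target):
            flagged.append({"ip": m["ip"], "time": m["time"],
                            "target": target, "status": m["status"]})
    bursty = sorted(ip for ip, n in per_ip.items() if n >= BURST_THRESHOLD)
    return flagged, bursty

# Constructed sample lines, not real traffic; 203.0.113.0/24 is a documentation range and
# "param" is a placeholder query-parameter name (the advisory does not name the real one).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2025:12:00:01 +0000] "GET /wp-json/wp/v2/aal_ajax_unit_loading?param=12 HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Oct/2025:12:00:05 +0000] "GET /wp-json/wp/v2/aal_ajax_unit_loading?param=../../wp-config.php HTTP/1.1" 200 2048',
    '203.0.113.9 - - [10/Oct/2025:12:00:06 +0000] "GET /wp-json/wp/v2/aal_ajax_unit_loading?param=%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 200 1024',
] + [
    f'203.0.113.9 - - [10/Oct/2025:12:00:{10 + i:02d} +0000] "GET /wp-json/wp/v2/aal_ajax_unit_loading?param=x{i} HTTP/1.1" 404 100'
    for i in range(4)
]

if __name__ == "__main__":
    hits, noisy = analyze(SAMPLE_LOG)
    print(f"{len(hits)} suspicious request(s); bursty sources: {noisy}")
```

Feed it real access logs one line at a time and tune BURST_THRESHOLD to the site's normal traffic to the endpoint before acting on the burst signal.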
**Mitigation and prioritisation**:
- Patch to a secure plugin version or remove/disable the vulnerable plugin if no fix is available.
- Implement WAF rules or server controls to block or restrict access to the vulnerable REST endpoint; enable least-privilege REST API access.
- Rotate credentials and review access logs for potential data exposure; tighten monitoring for file-read indicators.
- Deploy changes in a staging/test environment before production; verify there is no loss of legitimate functionality.
