161 matches found
CVE-2026-22491
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through = 3.6.35...
EUVD-2026-15493
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through = 3.6.35...
CVE-2026-22491
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through = 3.6.35...
PT-2026-27815
Name of the Vulnerable Software and Affected Versions wphocus My auctions allegro versions through 3.6.35 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker...
CVE-2025-67943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through = 3.6.32...
CVE-2025-67943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through = 3.6.32...
CVE-2025-67943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through = 3.6.32...
PT-2026-4026
Name of the Vulnerable Software and Affected Versions wphocus My auctions allegro versions through 3.6.32 Description The software contains a flaw related to improper input handling during web page creation, which can lead to Reflected Cross-site Scripting XSS. This allows for the injection of...
CVE-2008-6567
Multiple cross-site scripting XSS vulnerabilities in Gallarific Free Edition allow remote attackers to inject arbitrary web script or HTML via 1 the e-mail address, 2 a comment, which is not properly handled during moderation, and 3 the tag parameter to gallery/tags.php...
CVE-2025-68567
Cross-Site Request Forgery CSRF vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Cross Site Request Forgery.This issue affects My auctions allegro: from n/a through = 3.6.33...
CVE-2025-68566
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through = 3.6.35...
EUVD-2025-205268
Cross-Site Request Forgery CSRF vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Cross Site Request Forgery.This issue affects My auctions allegro: from n/a through = 3.6.32...
EUVD-2025-205269
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through = 3.6.32...
CVE-2025-68566
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through = 3.6.35...
CVE-2025-68567
Cross-Site Request Forgery CSRF vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Cross Site Request Forgery.This issue affects My auctions allegro: from n/a through = 3.6.33...
CVE-2025-68567 WordPress My auctions allegro plugin <= 3.6.33 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Cross Site Request Forgery.This issue affects My auctions allegro: from n/a through = 3.6.33...
PT-2025-53255
Cross-Site Request Forgery CSRF vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Cross Site Request Forgery.This issue affects My auctions allegro: from n/a through = 3.6.32...
PT-2025-53254
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through = 3.6.32...
CVE-2025-61950
In GroupSession, a Circular notice can be created with its memo field non-editable, but the authorization check is improperly implemented. With some crafted request, a logged-in user may alter the memo field. The affected products and versions are GroupSession Free edition prior to ver5.3.0,...
CVE-2025-65120
Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to ver5.7.1. If a user accesses a crafted page or URL, an arbitrary script may be executed on the web browser of the user...