Lucene search
K

6 matches found

CVE
CVE
added 2025/12/16 8:13 a.m.11 views

CVE-2025-68084

CVE-2025-68084 relates to the WordPress plugin “Ultimate Auction” (ultimate-auction). Connected sources confirm a Missing Authorization / Broken Access Control vulnerability affecting Ultimate Auction versions up to 4.3.2. The CVE entry is present in multiple feeds and the Wordfence vulnerability...

5.4CVSS5.7AI score0.00173EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/16 8:12 a.m.2 views

CVE-2025-66125 WordPress Ultimate Auction plugin <= 4.3.3 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Nitesh Ultimate Auction ultimate-auction allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Auction : from n/a through = 4.3.3...

5.3CVSS5.2AI score0.0024EPSS
Exploits0References1
CVE
CVE
added 2025/12/16 8:12 a.m.10 views

CVE-2025-66125

CVE-2025-66125 affects the Ultimate WordPress Auction Plugin (

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/12 9:13 a.m.6 views

WordPress Ultimate Auction plugin <= 4.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions = 4.3.2...

5.4CVSS7AI score0.00173EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/29 12:0 a.m.9 views

WordPress Ultimate Auction Plugin <= 4.2.67 is vulnerable to Broken Access Control

Software Ultimate Auction Type Plugin Vulnerable versions = 4.2.67 Fixed in 4.2.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6591 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID 97fe9efdff7a Credits Lucio Sá Required...

5.8CVSS6.5AI score0.00401EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/06 12:0 a.m.13 views

WordPress Ultimate Auction Plugin <= 4.2.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ultimate Auction Type Plugin Vulnerable versions = 4.2.5 Fixed in 4.2.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37543 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ed8502cd34a3 Credits Majed Refaea...

7AI score0.00191EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder