PT-2024-37743 · WordPress · The Ultimate Wordpress Auction Plugin
Name of the Vulnerable Software and Affected Versions: The Ultimate WordPress Auction Plugin versions prior to 4.2.7 Description: The issue allows unauthorized email creation and sending due to a missing capability check on the send auction email callback and resend auction email callback...