4 matches found
CVE-2025-4204
creationtimestamp| type| source ---|---|--- 2025-05-02 13:15:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14480 2025-05-02 14:43:54+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo6vopdmx3b2 2025-05-02 15:31:08+00:00| seen|...
CVE-2025-4204
The Ultimate Auction Pro plugin for WordPress is vulnerable to SQL Injection via the ‘auctionid’ parameter in all versions up to, and including, 1.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...
CVE-2025-4204
CVE-2025-4204: Ultimate Auction Pro for WordPress (
WordPress Ultimate Auction Pro plugin <= 1.5.2 - Unauthenticated SQL Injection via 'auction_id' vulnerability
Unauthenticated SQL Injection via 'auctionid' vulnerability discovered by Tom Broucke in WordPress Plugin Ultimate Auction Pro versions = 1.5.2...