CVE-2025-10048
The CVE-2025-10048 entry concerns the WordPress plugin My auctions allegro (versions up to and including 3.6.31). It is vulnerable to SQL Injection via the order parameter due to insufficient escaping and inadequate query preparation, enabling an authenticated attacker with Administrator+ privile...