Lucene search
+L

39 matches found

CVE
CVE
added 2025/01/07 6:0 a.m.56 views

CVE-2024-8857

CVE-2024-8857 affects WordPress Auction Plugin (WordPress Auction Plugin) up to version 3.7. The issue is Stored Cross-Site Scripting (XSS) via unsanitized/unchecked plugin settings, allowing an Editor+ (high-privilege) user to inject scripts. Multiple connected sources corroborate the vulnerabil...

4.8CVSS5.5AI score0.00317EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.8 views

PT-2025-3704 · WordPress · Wordpress Auction Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Auction Plugin versions 3.7 and earlier Description: The issue allows editors and above to perform SQL injection attacks due to the plugin not sanitizing and escaping a parameter before using it in a SQL statement. Recommendations:...

9.8CVSS9.4AI score0.00617EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.8 views

WordPress plugin WordPress Auction Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS8.5AI score0.00617EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.10 views

PT-2025-3705 · WordPress · Wordpress Auction Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Auction Plugin versions 3.7 and earlier Description: The issue allows high privilege users, such as editors, to perform Stored Cross-Site Scripting attacks due to the plugin not sanitizing and escaping some of its settings...

4.8CVSS7.9AI score0.00317EPSS
Exploits1References5
Patchstack
Patchstack
added 2025/01/03 2:41 p.m.5 views

WordPress WordPress Auction Plugin plugin <= 3.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin WordPress Auction Plugin versions = 3.7...

7.6CVSS8.1AI score0.00466EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/12/06 2:15 p.m.17 views

CVE-2024-54207

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Marka WordPress Auction Plugin wp-auctions allows Stored XSS.This issue affects WordPress Auction Plugin: from n/a through = 3.7...

5.9CVSS0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/06 1:7 p.m.29 views

CVE-2024-54207 WordPress WordPress Auction Plugin plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Marka WordPress Auction Plugin wp-auctions allows Stored XSS.This issue affects WordPress Auction Plugin: from n/a through = 3.7...

5.9CVSS0.00258EPSS
Exploits0References1
CVE
CVE
added 2024/12/06 1:7 p.m.56 views

CVE-2024-54207

CVE-2024-54207 describes an Stored XSS in the WordPress Auction Plugin (WordPress Auction Plugin) versions up to and including 3.7, caused by improper input neutralization during web page generation. Public references in the provided documents confirm the existence of this XSS vulnerability and i...

5.9CVSS7.2AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/06 1:7 p.m.23 views

CVE-2024-51615 WordPress WordPress Auction Plugin plugin <= 3.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Marka WordPress Auction Plugin wp-auctions allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through = 3.7...

9.3CVSS0.00449EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/06 1:7 p.m.22 views

CVE-2024-51615 WordPress WordPress Auction Plugin plugin <= 3.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Marka WordPress Auction Plugin wp-auctions allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through = 3.7...

9.3CVSS7.3AI score0.00449EPSS
Exploits0References1
CVE
CVE
added 2024/12/06 1:7 p.m.58 views

CVE-2024-51615

CVE-2024-51615 is an unauthenticated SQL injection in WordPress Auction Plugin (WP Auctions) 3.7). Patch status in reported records is unpatched.

9.3CVSS7.3AI score0.00449EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.6 views

WordPress plugin WordPress Auction Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.3CVSS8.7AI score0.00449EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.8 views

PT-2024-34758 · WordPress · Wordpress Auction Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Auction Plugin versions n/a through 3.7 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.3CVSS8.2AI score0.00449EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/12/02 12:47 p.m.4 views

WordPress WordPress Auction Plugin plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin WordPress Auction Plugin versions = 3.7...

5.9CVSS6.1AI score0.00258EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/12/02 9:59 a.m.5 views

WordPress WordPress Auction Plugin plugin <= 3.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin WordPress Auction Plugin versions = 3.7...

9.3CVSS8.1AI score0.00449EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/27 12:0 a.m.6 views

PT-2024-37743 · WordPress · The Ultimate Wordpress Auction Plugin

Name of the Vulnerable Software and Affected Versions: The Ultimate WordPress Auction Plugin versions prior to 4.2.7 Description: The issue allows unauthorized email creation and sending due to a missing capability check on the send auction email callback and resend auction email callback...

5.8CVSS6.9AI score0.00401EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2013/06/17 12:0 a.m.25 views

Ultimate WordPress Auction 1.0 Cross Site Request Forgery

============================================================= \ \ / / | | / \ / | | \ \ V / | | | | | | | | | / \ | ' \ | | | | | | | | | | | | '| | / / . \ | | | | | | || | | | | | | | | | // \ | ./ || / || || |/ || | | || blackpentesters.blogspot.com...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2013/06/17 12:0 a.m.18 views

WordPress Plugin Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery

WordPress Plugin Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery ============================================================= \ \ / / | | / \ / | | \ \ V / | | | | | | | | | / \ | ' \ | | | | | | | | | | | | '| | / / . \ | | | | | | || | | | | | | | | | // \ | ./ || / || ||...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2013/06/17 12:0 a.m.32 views

WordPress Plugin Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery

============================================================= \ \ / / | | / \ / | | \ \ V / | | | | | | | | | / \ | ' \ | | | | | | | | | | | | '| | / / . \ | | | | | | || | | | | | | | | | // \ | ./ || / || || |/ || | | || blackpentesters.blogspot.com...

7AI score
Exploits0
Rows per page
Query Builder