25 matches found
PT-2025-13710 · Unknown · Wphocus My Auctions Allegro
Name of the Vulnerable Software and Affected Versions: wphocus My auctions allegro versions 3.6.20 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, which affects the wphocus My auctions allegro software. This type of vulnerabilit...
CVE-2025-22733
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through = 3.6.18...
CVE-2025-22733
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through = 3.6.18...
CVE-2025-22733
CVE-2025-22733 is a Reflected XSS in the WordPress plugin My auctions allegro (free edition) up to version 3.6.18, caused by improper neutralization of input during web page generation. The vulnerability allows an attacker to reflect malicious input via the page, with exploit potential requiring ...
PT-2025-4657 · WordPress · Wphocus My Auctions Allegro
Name of the Vulnerable Software and Affected Versions: WPHocus My auctions allegro versions 3.6.18 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means an attacker can inject malicious scripts into the...