cleantalk
Vulnerabilities and Security Researches

My auctions allegro, CVE-2025-27009

CVE, Research URL

CVE-2025-27009

Home page URL

Security reports for My auctions allegro

Application

My auctions allegro

Published on
Apr 14, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro allows Stored XSS.This issue affects My auctions allegro: from n/a through 3.6.20.
Affected versions
Min -, max 3.6.20.
Status
vulnerable
Previous vulnerability researches
License For Envato (CVE-2025-32566) , Apr 14, 2025
New vulnerability
Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease (CVE-2025-3453) , Apr 18, 2025
Site Search 360 (CVE-2025-39530) , Apr 17, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-39589) , Apr 17, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-39590) , Apr 17, 2025
Basic Interactive World Map (CVE-2025-39517) , Apr 17, 2025