cleantalk
Vulnerabilities and Security Researches

My auctions allegro, CVE-2026-22491

CVE, Research URL

CVE-2026-22491

Home page URL

Security reports for My auctions allegro

Application

My auctions allegro

Published on
Mar 25, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through <= 3.6.35.
Affected versions
max 3.6.35.
Status
vulnerable
Previous vulnerability researches
My auctions allegro (CVE-2025-27009) , Apr 16, 2025
My auctions allegro (CVE-2024-11707) , Dec 06, 2024
My auctions allegro (CVE-2025-68567) , Jan 10, 2026
My auctions allegro (CVE-2025-68566) , Jan 10, 2026
My auctions allegro (CVE-2025-12851) , Dec 10, 2025
New vulnerability
AMP Enhancer &#8211; Compatibility Layer for Official AMP Plugin (CVE-2026-2027) , Apr 16, 2026
WaveSurfer-WP (CVE-2026-1909) , Apr 16, 2026
xmlrpc attacks blocker (CVE-2026-2502) , Apr 16, 2026
Templately – Gutenberg &amp; Elementor Template Library: 5000+ Free &amp; Pro Ready Templates &amp; Cloud! (CVE-2026-0831) , Apr 16, 2026
iRobots.txt SEO (CVE-2025-68840) , Apr 16, 2026