cleantalk
Vulnerabilities and Security Researches

Ultimate WordPress Auction Plugin, 8e7d1b2e96560e4407df0ba2ca77d987e31618b7

CVE, Research URL

8e7d1b2e96560e4407df0ba2ca77d987e31618b7

Home page URL

Security reports for Ultimate WordPress Auction Plugin

Application

Ultimate WordPress Auction Plugin

Published on
Jan 09, 2020
Research Description
Ultimate WordPress Auction Plugin [ultimate-auction] < 4.0.6 (closed) WordPress Ultimate Auction plugin <= 4.0.5 - Multiple CSRF & XSS vulnerabilities Multiple CSRF & XSS vulnerabilities found in WordPress Ultimate Auction plugin (versions <= 4.0.5).
Affected versions
max 4.0.6.
Status
vulnerable
Previous vulnerability researches
Ultimate WordPress Auction Plugin (CVE-2024-6591) , Jul 28, 2024
Ultimate WordPress Auction Plugin (CVE-2025-0958) , Mar 05, 2025
Ultimate WordPress Auction Plugin (CVE-2025-68084) , Jan 10, 2026
Ultimate WordPress Auction Plugin (CVE-2025-66125) , Jan 10, 2026
Ultimate WordPress Auction Plugin (8e7d1b2e96560e4407df0ba2ca77d987e31618b7) , Jun 07, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button &#8211; Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails &amp; Marketing Automation for WooCommerce &#8211; ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026