Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wphocus — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting wphocus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by wphocus:My auctions allegro
CVE IDTitleCVSSSeverityPublished
CVE-2026-22491 WordPress My auctions allegro plugin <= 3.6.35 - Cross Site Scripting (XSS) vulnerability — My auctions allegroCWE-79 7.1 High2026-03-25
CVE-2026-22464 WordPress My auctions allegro plugin <= 3.6.33 - Local File Inclusion vulnerability — My auctions allegroCWE-98 7.5 High2026-01-22
CVE-2025-67943 WordPress My auctions allegro plugin <= 3.6.32 - Cross Site Scripting (XSS) vulnerability — My auctions allegroCWE-79 6.1AIMediumAI2026-01-22
CVE-2025-68567 WordPress My auctions allegro plugin <= 3.6.33 - Cross Site Request Forgery (CSRF) vulnerability — My auctions allegroCWE-352 5.4 Medium2025-12-24
CVE-2025-68566 WordPress My auctions allegro plugin <= 3.6.35 - Cross Site Scripting (XSS) vulnerability — My auctions allegroCWE-79 5.9 Medium2025-12-24
CVE-2025-12851 My auctions allegro <= 3.6.32 - Unauthenticated Local File Inclusion via controller — My auctions allegroCWE-98 8.1 High2025-12-05
CVE-2025-12850 My auctions allegro <= 3.6.32 - Unauthenticated SQL Injection via auction_id — My auctions allegroCWE-89 7.5 High2025-12-05
CVE-2025-10048 My Auctions Allegro Plugin <= 3.6.31 - Authenticated (Admin+) SQL Injection — My auctions allegroCWE-89 4.9 Medium2025-10-11
CVE-2025-27009 WordPress My auctions allegro plugin <= 3.6.33 - Cross Site Request Forgery (CSRF) vulnerability — My auctions allegroCWE-352 7.1 High2025-04-14
CVE-2025-31542 WordPress My auctions allegro plugin <= 3.6.20 - SQL Injection vulnerability — My auctions allegroCWE-89 8.5 High2025-03-31
CVE-2025-22733 WordPress My auctions allegro Plugin <= 3.6.18 - Reflected Cross Site Scripting (XSS) vulnerability — My auctions allegroCWE-79 7.1 High2025-01-21
CVE-2024-11707 My auctions allegro <= 3.6.17 - Reflected Cross-Site Scripting — My auctions allegroCWE-79 6.1 Medium2024-12-03

This page lists every published CVE security advisory associated with wphocus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.