My auctions allegro
wphocus
Developer
3.6.35
Latest version
500
Installations
No date
Last updated
Vulnerability history
2 present
10 patched
6 Mitigation rules
- Cross Site Scripting (XSS) vulnerability<= 3.6.3505/03/2026
- Cross Site Scripting (XSS) vulnerability<= 3.6.3219/01/2026
- Local File Inclusion vulnerability<= 3.6.3304/01/2026
- Cross Site Request Forgery (CSRF) vulnerability<= 3.6.3317/12/2025
- Cross Site Scripting (XSS) vulnerability<= 3.6.3517/12/2025
- Unauthenticated Local File Inclusion via controller vulnerability<= 3.6.3205/12/2025
- Unauthenticated SQL Injection via auction_id vulnerability<= 3.6.3205/12/2025
- Authenticated (Admin+) SQL Injection vulnerability<= 3.6.3110/10/2025
- Cross Site Request Forgery (CSRF) vulnerability<= 3.6.3314/04/2025
- SQL Injection vulnerability<= 3.6.2031/03/2025
- Reflected Cross Site Scripting (XSS) vulnerability<= 3.6.1815/01/2025
- Reflected Cross-Site Scripting vulnerability<= 3.6.1702/12/2024