My auctions allegro
wphocus
Developer
3.6.33
Latest version
600
Installations
No date
Last updated
Vulnerability history
1 present
6 fixed
4 Mitigation rules
- Unauthenticated Local File Inclusion via controller vulnerability<= 3.6.32Dec 5, 2025
- Unauthenticated SQL Injection via auction_id vulnerability<= 3.6.32Dec 5, 2025
- Authenticated (Admin+) SQL Injection vulnerability<= 3.6.31Oct 10, 2025
- Cross Site Request Forgery (CSRF) vulnerability<= 3.6.33Apr 14, 2025
- SQL Injection vulnerability<= 3.6.20Mar 31, 2025
- Reflected Cross Site Scripting (XSS) vulnerability<= 3.6.18Jan 15, 2025
- Reflected Cross-Site Scripting vulnerability<= 3.6.17Dec 2, 2024