Skip to main content

Ultimate Woocommerce Auction Pro

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-4259 HIGH POC This Week

The ultimate-woocommerce-auction-pro WordPress plugin through 2.4.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

WordPress XSS Ultimate Woocommerce Auction Pro
NVD WPScan VulDB
CVSS 3.1
7.1
CVE-2026-4110 MEDIUM POC This Month

The ultimate-woocommerce-auction-pro WordPress plugin through 2.4.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

WordPress XSS Ultimate Woocommerce Auction Pro
NVD WPScan VulDB
CVSS 3.1
6.1
CVE-2026-4259
CVSS 7.1
HIGH POC This Week

The ultimate-woocommerce-auction-pro WordPress plugin through 2.4.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

WordPress XSS Ultimate Woocommerce Auction Pro
NVD WPScan VulDB
CVE-2026-4110
CVSS 6.1
MEDIUM POC This Month

The ultimate-woocommerce-auction-pro WordPress plugin through 2.4.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

WordPress XSS Ultimate Woocommerce Auction Pro
NVD WPScan VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy