CVE-2025-31542

Published Mar 31, 2025

Last updated 4 days ago

CVSS high 8.5

Overview

Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wphocus My auctions allegro allows Blind SQL Injection. This issue affects My auctions allegro: from n/a through 3.6.20.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.5
Impact score
4.7
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Severity
HIGH

Weaknesses

audit@patchstack.com
CWE-89

Social media

Hype score
Not currently trending

  1. [CVE-2025-31542: HIGH] Vulnerability alert: wphocus My auctions allegro is exposed to Blind SQL Injection. Versions affected: n/a to 3.6.20. Ensure you are protected against this cyber threat.#cybersecurity,#vulnerability https://t.co/fzvYOBnxxS https://t.co/LkHyC7Ntjr

    @CveFindCom

    31 Mar 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References