Ultimate WordPress Auction Plugin

Vulnerabilities 11Slug ultimate-auctionLatest version 4.3.3WordPress.org →

Minimum safe version

4.3.0

Update to 4.3.0 or later to address 9 fixable vulnerabilities

Latest available4.3.3 ✓⚠ 2 vulnerabilities have no fix

Medium 5.4 Unfixed

2025-12-16≤ 4.3.3

CVE-2025-68084

CVE Wordfence

Medium 5.3 Unfixed

2025-12-16≤ 4.3.3

CVE-2025-66125

CVE Wordfence

Medium 5.4

2025-03-04< 4.3.0

WordPress Ultimate Auction Plugin <= 4.2.9 is vulnerable to Arbitrary Content Deletion

Patchstack EUVD Wordfence CVE

Medium 5.8

2024-07-29< 4.2.8

WordPress Ultimate Auction Plugin <= 4.2.6 is vulnerable to Broken Access Control

Patchstack CVE Wordfence

Medium 4.3

2025-01-02< 4.2.6

CVE-2024-37543

CVE Wordfence Patchstack

N/A

2013-06-17< 1.0.1

Ultimate WordPress Auction Plugin < 1.0.1 - Cross-Site Request Forgery

Wordfence

N/A

2019-12-18< 4.0.6

Ultimate Auction <= 4.0.5 - Cross-Site Request Forgery and Cross-Site Scripting

Wordfence

N/A

< 1.0.1

Ultimate Auction 1.0 - Cross-Site Request Forgery (CSRF)

WPScan

N/A

< 4.0.6

Ultimate Auction < 4.0.6 - Multiple CSRF & XSS

WPScan

N/A

2013-06-17< 1.1

WordPress Ultimate Auction Plugin 1.0 - CSRF

Patchstack

N/A

2020-01-09< 4.0.6

WordPress Ultimate Auction plugin <= 4.0.5 - Multiple CSRF & XSS vulnerabilities

Patchstack