Abdi Pranata

7
All Time Ranking
300
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 281-300 of 300 Vulnerabilities

Title CVE ID CVSS Vector Date
CM On Demand Search And Replace <= 1.3.0 - Cross-Site Request Forgery CVE-2023-28749 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 9, 2023
WP Page Numbers <= 0.5 - Cross-Site Request Forgery via wp_page_numbers_settings CVE-2023-27623 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 24, 2023
Ultimate Noindex Nofollow Tool II <= 1.3.3 - Cross-Site Request Forgery CVE-2023-30474 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 13, 2023
Enable Accessibility <= 1.4 - Cross-Site Request Forgery CVE-2023-30484 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 13, 2023
Superb Social Media Share Buttons and Follow Buttons <= 1.1.3 - Missing Authorization via spbsmAjax CVE-2023-29428 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N April 6, 2023
Spreadshop Plugin <= 1.6.5 - Cross-Site Request Forgery CVE-2023-29426 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 6, 2023
Superb Social Media Share Buttons and Follow Buttons <= 1.1.3 - Cross-Site Request Forgery via spbsmAjax 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 6, 2023
Configurable Tag Cloud <= 5.2 - Cross-Site Request Forgery via ctc_options_page() CVE-2023-28995 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N March 30, 2023
WP Clean Up <= 1.2.3 - Cross-Site Request Forgery via wp_clean_up_optimize CVE-2023-25034 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N March 3, 2023
多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 <= 4.2.5 - Cross-Site Request Forgery CVE-2023-26531 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 24, 2023
WordPress Tooltips <= 8.2.5 - Multiple Cross-Site Request Forgery CVE-2023-25985 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 23, 2023
Integration for Contact Form 7 and Zoho CRM, Bigin <= 1.2.2 - Cross-Site Request Forgery via settings_page function CVE-2023-25976 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 22, 2023
VikBooking Hotel Booking Engine & PMS <= 1.5.12 - Cross-Site Request Forgery in widgets_watch_data function CVE-2023-25707 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 15, 2023
VikBooking Hotel Booking Engine & PMS <= 1.5.12 - Cross-Site Request Forgery in exec_multitask_widgets function CVE-2023-25707 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 15, 2023
VikBooking Hotel Booking Engine & PMS <= 1.5.12 - Cross-Site Request Forgery in exec_admin_widget function CVE-2023-25707 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 15, 2023
VikBooking Hotel Booking Engine & PMS <= 1.5.12 - Cross-Site Request Forgery in admin_widgets_welcome function CVE-2023-25707 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 15, 2023
WP VR <= 8.2.7 - Cross-Site Request Forgery CVE-2023-25708 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 14, 2023
Feed Them Social <= 4.2.0 - Cross-Site Request Forgery via review_nag_check CVE-2024-24710 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N January 31, 2024
Restaurant & Cafe Addon for Elementor <= 1.5.3 - Missing Authorization via multiple AJAX functions CVE-2023-47826 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N November 16, 2023
WP Like Button <= 1.7.0 - Missing Authorization via crublabFBLBAjax CVE-2023-47820 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N November 15, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation