🦸 Calling all superheroes! Introducing the WordPress Superhero Challenge for the Wordfence Bug Bounty Program: Earn up to $31,200 for High Impact Vulnerabilities! Through October 14th, 2024, all vulnerabilities reported in plugins or themes with >= 5,000,000 active installs will be 3x our highest bounty rewards making our top reward $31,200. Check out the updated bounties here!

Wordfence Intelligence > Vulnerability Researchers > CrashBandicot

CrashBandicot

303

All Time Ranking

All Time Discoveries

90 Day Published Submissions

N/A

Last Published Submission

7 Vulnerabilities

A/B Test for WordPress <= 1.0.7 - Local File Inclusion

9.8

CVE ID Unknown

Mar 21, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

PHP Event Calendar for WordPress < 1.5.1 - Arbitrary File Upload

9.8

CVE ID Unknown

Apr 2, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

DesignFolio Plus Theme (Unkown Versions) - Arbitrary File Upload

9.8

CVE-2015-10087

Mar 4, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

IMDB Profile Widget < 1.0.9 - Local File Inclusion

7.5

CVE-2016-10991

Mar 26, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

S3Bubble Cloud Video with Adverts and Analytics < 4.8 - Arbitrary File Download

7.5

CVE-2015-9463

Jul 7, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

S3 Bubble Amazon S3 HTML5 Video with Adverts <= 0.7 - Directory Traversal to Arbitrary File Access

7.5

CVE-2015-9464

Jul 5, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

S3 Bubble Amazon S3 HTML5 Video with Adverts <= 2.0 - Arbitrary File Download

7.5

CVE ID Unknown

Apr 7, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Title	CVE ID	CVSS	Vector	Date
A/B Test for WordPress <= 1.0.7 - Local File Inclusion		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 21, 2016
PHP Event Calendar for WordPress < 1.5.1 - Arbitrary File Upload		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 2, 2015
DesignFolio Plus Theme (Unkown Versions) - Arbitrary File Upload	CVE-2015-10087	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 4, 2015
IMDB Profile Widget < 1.0.9 - Local File Inclusion	CVE-2016-10991	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	March 26, 2016
S3Bubble Cloud Video with Adverts and Analytics < 4.8 - Arbitrary File Download	CVE-2015-9463	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	July 7, 2015
S3 Bubble Amazon S3 HTML5 Video with Adverts <= 0.7 - Directory Traversal to Arbitrary File Access	CVE-2015-9464	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	July 5, 2015
S3 Bubble Amazon S3 HTML5 Video with Adverts <= 2.0 - Arbitrary File Download		7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	April 7, 2015

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation