Dave Jong

Organization: Patchstack

11
All Time Ranking
260
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 141-160 of 260 Vulnerabilities

Title CVE ID CVSS Vector Date
Easing Slider <= 3.0.8 - Missing Authorization to Unauthenticated Settings Reset CVE-2023-30490 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N May 16, 2023
WoodMart <= 7.2.1 - Missing Authorization CVE-2023-32240 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N May 11, 2023
WoodMart <= 7.2.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting CVE-2023-32239 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N May 11, 2023
Woodmart Core <= 1.0.36 - PHP Object Injection CVE-2023-32242 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 11, 2023
Woodmart Core <= 1.0.36 - Authentication Bypass to Privilege Escalation CVE-2023-32244 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 11, 2023
YITH WooCommerce Gift Cards Premium <= 3.23.1 - Missing Authorization CVE-2022-44633 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L May 10, 2023
TheGem < 5.8.1.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting CVE-2023-32237 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N May 5, 2023
Community by PeepSo <= 6.0.9.0 - Missing Authorization to Sensitive Information Exposure CVE-2023-27630 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N May 5, 2023
TheGem < 5.8.1.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting CVE-2023-32237 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N May 5, 2023
TheGem < 5.8.1.1 - Improper Authentication CVE-2023-32238 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L May 5, 2023
TheGem < 5.8.1.1 - Missing Authorization CVE-2023-32238 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L May 5, 2023
Points and Rewards for WooCommerce <= 1.5.0 - Cross-Site Request Forgery to Settings Change CVE-2023-27607 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 5, 2023
Points and Rewards for WooCommerce <= 1.5.0 - Missing Authorization CVE-2023-27608 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L May 5, 2023
Editorialmag <= 1.2.0 - Missing Authorization to Authenticated Plugin Activation CVE-2023-32129 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L May 4, 2023
CM Pop-Up banners <= 1.5.10 - Authenticated (Subscriber+) SQL Injection via getStatistics CVE-2023-30750 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H May 3, 2023
Educenter <= 1.5.7 - Missing Authorization via activate_plugin CVE-2023-30480 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N April 14, 2023
Square <= 2.0.0 - Missing Authorization via activate_plugin CVE-2023-30486 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N April 13, 2023
Blogger Buzz <= 1.2.4 - Missing Authorization via activate_plugin CVE-2023-30476 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N April 13, 2023
Houzez <= 2.8.2 - Unauthenticated SQL Injection CVE-2023-29432 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H April 6, 2023
Viral Mag <= 1.0.9 - Missing Authorization to Arbitrary Plugin Activation CVE-2023-28990 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N March 30, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation