Dhabaleshwar Das

19
All Time Ranking
205
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 1-20 of 205 Vulnerabilities

Title CVE ID CVSS Vector Date
5 Stars Rating Funnel <= 1.2.67 - Missing Authorization CVE-2024-32725 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N April 22, 2024
Advanced Local Pickup for WooCommerce <= 1.6.1 - Missing Authorization to Notice Dismissal CVE-2024-32814 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L April 22, 2024
Active Products Tables for WooCommerce <= 1.0.6.2 - Missing Authorization CVE-2024-32691 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N April 19, 2024
Advanced Sermons <= 3.1 - Reflected Cross-Site Scripting via s CVE-2024-29928 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 25, 2024
WPZOOM Shortcodes <= 1.0.1 - Reflected Cross-Site Scripting CVE-2024-22162 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N January 16, 2024
Finale Lite <= 2.18.0 - Cross-Site Request Forgery CVE-2024-32107 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N April 11, 2024
ShortPixel Adaptive Images <= 3.8.3 - Authenticated (Admin+) Server-Side Request Forgery CVE-2024-35172 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N May 10, 2024
Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler <= 1.6.4 - Missing Authorization via Several AJAX Action CVE-2024-34826 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N May 9, 2024
USPS Shipping for WooCommerce – Live Rates <= 1.9.2 - Cross-Site Request Forgery CVE-2024-31943 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N April 10, 2024
Basic Log Viewer <= 1.0.4 - Cross-Site Request Forgery via wpst_lw_viewer CVE-2024-24935 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L February 9, 2024
Icegram <= 3.1.24 - Missing Authorization CVE-2024-43272 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N August 12, 2024
Smart Online Order for Clover <= 1.5.6 - Missing Authorization CVE-2024-43253 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N August 12, 2024
Arconix Shortcodes <= 2.1.11 - Missing Authorization CVE-2024-38769 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N July 19, 2024
Arconix FAQ <= 1.9.4 - Missing Authorization CVE-2024-38783 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N July 19, 2024
Product Delivery Date for WooCommerce – Lite <= 2.7.2 - Missing Authorization CVE-2024-38702 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N July 11, 2024
EleForms <= 2.9.9.9 - Missing Authorization CVE-2024-38748 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N July 11, 2024
Charitable <= 1.8.1.7 - Missing Authorization via ajax_license_check() CVE-2024-37510 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N July 4, 2024
Newsmatic <= 1.3.1 - Missing Authorization CVE-2024-37468 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N July 1, 2024
TrustedLogin Vendor < 1.1.1 - Unauthenticated Information Disclosure CVE-2024-37270 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N June 27, 2024
LA-Studio Element Kit for Elementor <= 1.3.6 - Missing Authorization CVE-2024-35725 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N June 6, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation