Erwan LR

Organization: WPScan

34
All Time Ranking
125
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 41-60 of 125 Vulnerabilities

Title CVE ID CVSS Vector Date
MultiParcels Shipping For WooCommerce <= 1.15.3 - Reflected Cross-Site Scripting CVE-2023-3671 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N July 17, 2023
MultiParcels Shipping For WooCommerce <= 1.14.13 - Missing Authorization via get_history CVE-2023-3365 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L July 17, 2023
WooCommerce Pre-Orders <= 2.0.2 - Cross-Site Request Forgery to Order Cancellation CVE-2023-3507 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 10, 2023
WooCommerce Pre-Orders <= 2.0.2 - Cross-Site Request Forgery CVE-2023-3508 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 10, 2023
Grid Kit Premium < 2.2.0 - Reflected Cross-Site Scripting CVE-2023-3292 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N July 10, 2023
POST SMTP Mailer <= 2.5.6 - Cross-Site Request Forgery to Arbitrary Log Deletion CVE-2023-3178 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 26, 2023
POST SMTP Mailer <= 2.5.6 - Cross-Site Request Forgery to Account Compromise CVE-2023-3179 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N June 26, 2023
WooCommerce Google Sheet Connector <= 1.3.9 - Cross-Site Request Forgery CVE-2023-2329 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 26, 2023
Caldera Forms Google Sheets Connector <= 1.3 - Cross-Site Request Forgery CVE-2023-2330 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 26, 2023
Restrict Content <= 3.2.2 - Reflected Cross-Site Scripting CVE-2023-3182 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 23, 2023
Companion Sitemap Generator <= 4.5.1.1 - Reflected Cross-Site Scripting CVE-2023-1780 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 19, 2023
Elementor Forms Google Sheet Connector <= 1.0.6 - Reflected Cross-Site Scripting via 'code' CVE-2023-2324 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 12, 2023
WPForms Google Sheet Connector <= 3.4.5 - Reflected Cross-Site Scripting CVE-2023-2321 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 12, 2023
Ninja Forms Google Sheet Connector <= 1.2.6 - Reflected Cross-Site Scripting CVE-2023-2333 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N June 12, 2023
ND Shortcodes <= 6.9 - Authenticated (Subscriber+) Local File Inclusion CVE-2023-1273 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 12, 2023
CF7 Google Sheets Connector <= 5.0.1 - Reflected Cross-Site Scripting via 'code' CVE-2023-2320 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 12, 2023
Gravity Forms Google Sheet Connector <= 1.3.4 - Cross-Site Request Forgery via verify_code_integation_new CVE-2023-2326 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N June 5, 2023
KiviCare – Clinic & Patient Management System (EHR) <= 3.2.0 - Missing Authorization CVE-2023-2627 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N June 5, 2023
KiviCare – Clinic & Patient Management System (EHR) <= 3.2.0 - Sensitive Information Exposure CVE-2023-2623 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N June 5, 2023
KiviCare – Clinic & Patient Management System (EHR) <= 3.2.0 - Cross-Site Request Forgery CVE-2023-2628 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N June 5, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation