Wordfence Intelligence   >   Vulnerability Researchers   >   Fariq Fadillah Gusti Insani (fariqfgi)

Fariq Fadillah Gusti Insani (fariqfgi)

127
All Time Ranking
29
All Time Discoveries
0
90 Day Published Submissions
23 Dec '24
Last Published Submission

2 Achievements

Learn more about Achievements
Submitted XSS Vulnerability
Submitted XSS Vulnerability
September 4, 2024
Submitted 1 Vulnerability
Submitted 1 Vulnerability
April 11, 2024
Learn more Learn more about Achievements

Showing 21-29 of 29 Vulnerabilities

JS Help Desk – Best Help Desk & Support Plugin <= 2.7.7 - Authenticated (Subscriber+) Insecure Direct Object Reference
6.3
CVE-2023-23679
Jun 20, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Stamped.io Product Reviews & UGC for WooCommerce <= 2.3.2 - Missing Authorization
6.5
CVE-2023-30479
Apr 13, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
JS Job Manager <= 2.0.0 - Missing Authorization
6.5
CVE-2023-28689
Mar 21, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
WP Job Portal <= 2.0.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
6.4
CVE-2023-28534
Mar 17, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
JS Job Manager <= 2.0.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via title
6.4
CVE-2023-25963
Feb 21, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Survey Maker <= 3.2.0 - Missing Authorization
5.3
CVE-2023-22697
Jan 27, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
JobBoardWP <= 1.2.2 - Missing Authorization to Job Posting Manipulation
6.5
CVE-2023-23715
Jan 25, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Yoast SEO <= 17.2 - Full Path Disclosure
5.3
CVE-2021-25118
Oct 5, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
15Zine | Magazine Newspaper Blog News WordPress Theme < 3.3.0 - Reflected Cross-Site Scripting
6.1
CVE-2020-36510
Sep 21, 2020
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
JS Help Desk – Best Help Desk & Support Plugin <= 2.7.7 - Authenticated (Subscriber+) Insecure Direct Object Reference CVE-2023-23679 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L June 20, 2023
Stamped.io Product Reviews & UGC for WooCommerce <= 2.3.2 - Missing Authorization CVE-2023-30479 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N April 13, 2023
JS Job Manager <= 2.0.0 - Missing Authorization CVE-2023-28689 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N March 21, 2023
WP Job Portal <= 2.0.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting CVE-2023-28534 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N March 17, 2023
JS Job Manager <= 2.0.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via title CVE-2023-25963 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 21, 2023
Survey Maker <= 3.2.0 - Missing Authorization CVE-2023-22697 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N January 27, 2023
JobBoardWP <= 1.2.2 - Missing Authorization to Job Posting Manipulation CVE-2023-23715 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L January 25, 2023
Yoast SEO <= 17.2 - Full Path Disclosure CVE-2021-25118 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N October 5, 2021
15Zine | Magazine Newspaper Blog News WordPress Theme < 3.3.0 - Reflected Cross-Site Scripting CVE-2020-36510 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N September 21, 2020

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation

This site uses cookies in accordance with our Privacy Policy.