James Hooker

62
All Time Ranking
53
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 21-40 of 53 Vulnerabilities

Title CVE ID CVSS Vector Date
WordPress Leads < 1.6.3 - Authorization Bypass 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N March 31, 2015
Newsletter <= 3.8.2 - Open Redirect 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N March 30, 2015
Easy Coming Soon <= 1.6.1 - Authenticated Stored Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N March 18, 2015
IP Blacklist Cloud < 3.43 - Directory Traversal 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N March 13, 2015
WPshop 2 – E-Commerce < 1.3.9.6 - Arbitrary File Upload 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 9, 2015
Custom Community 2.0 - 2.0.24 - Stored Cross-Site Scripting 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L March 9, 2015
Contact Form by FormGet < 5.3.1 - Authenticated Stored Cross-Site Scripting 7.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L March 7, 2015
Ultimate CSV Importer < 3.6.75 - Information Disclosure 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N February 22, 2015
Gallery Bank – WordPress Photo Gallery <= 3.0.101 - SQL Injection 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H February 21, 2015
Store Locator < 3.34 - SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 9, 2015
Users Ultra Membership, Users Community and Member Profiles With PayPal Integration Plugin < 1.4.36 - SQL Injection 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H February 9, 2015
Feed Them Social <= 1.6.9 - Reflected Cross-Site Scripting CVE-2015-9350 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N February 2, 2015
Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 8.0.0 - Authorization Bypass 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H February 2, 2015
Feed Them Social <= 1.6.9 - Arbitrary Shortcode Execution CVE-2015-9351 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 2, 2015
SpiderVPlayer< 1.5.5 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N February 2, 2015
WordPress Calls to Action < 2.2.8 - Unauthenticated Stored Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N February 2, 2015
Cart66 Lite - WordPress Ecommerce < 1.5.4 - Directory Traversal to Arbitrary File Disclosure CVE-2014-9461 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N January 1, 2015
Sell Downloads <= 1.0.1 - Arbitrary File Read CVE-2014-9511 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N December 29, 2014
Cart66 Lite :: WordPress Ecommerce <= 1.5.3 - SQL Injection CVE-2014-9442 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H December 22, 2014
Store Locator 2.3 - 3.11 - SQL Injection CVE-2014-8621 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H November 5, 2014

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation