Jerome Bruandet

Organization: NinTechNet

18
All Time Ranking
212
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 21-40 of 212 Vulnerabilities

Title CVE ID CVSS Vector Date
Rucy <= 0.4.4 - Cross-Site Request Forgery Bypass CVE-2021-4396 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2021
Sell Media <= 2.5.5 - Cross-Site Request Forgery Bypass CVE-2021-4420 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2021
Opal Estate <= 1.6.11 - Missing Authorization CVE-2021-4388 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N August 16, 2021
WP-Backgrounds Lite <= 2.3 - Cross-Site Request Forgery Bypass CVE-2021-4419 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2021
Opal Estate <= 1.6.11 - Cross-Site Request Forgery Bypass CVE-2021-4387 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2021
WP Security Question <= 1.0.5 - Cross-Site Request Forgery Bypass CVE-2021-4386 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2021
RAYS Grid <= 1.2.2 - Cross-Site Request Forgery Bypass CVE-2021-4423 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2021
WooCommerce Etsy Integration <= 3.3.1 - Cross-Site Request Forgery Bypass CVE-2021-4409 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2021
Event Espresso 4 Decaf <= 4.10.11 - Cross-Site Request Forgery Bypass CVE-2021-4404 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2021
Welcart e-Commerce < 2.2.8 - Missing Capabilities Check to Information Disclosure CVE-2021-4375 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N August 6, 2021
Welcart e-Commerce < 2.2.8 - Missing Capabilities Check to Information Disclosure CVE-2021-4355 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N August 6, 2021
Advanced Shipment Tracking for WooCommerce <= 3.2.6 - Authenticated WordPress Options Change CVE-2021-4347 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H July 26, 2021
WordPress Photo Gallery – Image Gallery <= 1.0.6 - Cross-Site Request Forgery Bypass CVE-2021-4384 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 16, 2021
Frontend File Manager <= 18.2 - Unauthenticated Stored Cross-Site Scripting CVE-2021-4365 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N July 12, 2021
Frontend File Manager <= 18.2 - Unauthenticated Arbitrary File Download CVE-2021-4356 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H July 12, 2021
Frontend File Manager <= 18.2 - Privilege Escalation CVE-2021-4344 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N July 12, 2021
Frontend File Manager Plugin <= 18.2 - Unauthenticated Arbitrary Post Deletion CVE-2021-4359 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L July 12, 2021
Frontend File Manager <= 18.2 - Unauthenticated Post Meta Change CVE-2021-4351 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N July 12, 2021
Frontend File Manager <= 18.2 - Unauthenticated Content Injection CVE-2021-4369 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N July 12, 2021
Frontend File Manager <= 18.2 - Unauthenticated HTML Injection leading to Spam Emails CVE-2021-4350 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L July 12, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation