Jerome Bruandet

Organization: NinTechNet

18
All Time Ranking
212
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 41-60 of 212 Vulnerabilities

Title CVE ID CVSS Vector Date
Recently <= 3.0.4 - Arbitrary File Upload to Remote Code Exectution CVE-2021-4382 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 7, 2021
Style Kits <= 1.8.0 - Cross-Site Request Forgery Bypass CVE-2021-4401 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H March 1, 2021
Process Steps Template Designer <= 1.2.1 - Cross-Site Request Forgery CVE-2021-4349 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H March 1, 2021
Better Search <= 2.5.2 - Cross-Site Request Forgery to Settings Import CVE-2021-4373 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H March 1, 2021
Secure File Manager < 2.8.2 - Remote Code Execution CVE-2020-35235 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H November 23, 2020
TI WooCommerce Wishlist <= 1.21.11 and TI WooCommerce Wishlist Pro <= 1.21.4 - Arbitrary Options Update CVE-2020-36725 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 16, 2020
Coming Soon & Maintenance Mode Page <= 1.57 - Cross-Site Request Forgery CVE-2020-36707 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 16, 2020
Kali Forms <= 2.1.1 - Cross-Site Request Forgery CVE-2020-36717 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H August 21, 2020
Security & Malware scan by CleanTalk <= 2.50 - Missing Authorization CVE-2020-36698 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H July 6, 2020
Page Builder: KingComposer < 2.9.4 - Arbitrary File Upload CVE-2020-36701 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 15, 2020
Page Builder: KingComposer < 2.9.4 - Authorization Bypass due to Improper Access Control CVE-2020-36700 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 15, 2020
Mesmerize <= 1.6.89 & Materialis <= 1.0.172 - Authenticated Arbitrary Options Update CVE-2019-25142 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H December 2, 2019
Email Templates <= 1.3 - HTML Injection CVE-2019-25150 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H October 25, 2019
CformsII <= 15.0.1 - Unauthenticated HTML Injection & Cross-Site Request Forgery CVE-2019-15238 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H August 12, 2019
Woody Ad Snippets <= 2.2.4 - Missing Authorization to Settings Import CVE-2019-15858 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H August 2, 2019
Crelly Slider <= 1.3.4 - Arbitrary File Upload CVE-2019-15866 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 6, 2019
Kali Forms <= 2.1.1 - Unauthenticated Arbitrary Post Deletion CVE-2020-36712 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H August 21, 2020
CMP <= 3.8.1 - Missing Authorization CVE-2020-36730 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L August 4, 2020
Donations < 1.4 - Unauthenticated Arbitrary Options Change CVE-2019-15772 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L August 3, 2019
WP Quick FrontEnd Editor <= 5.5 - Authenticated (Subscriber+) Content Injection CVE-2021-4383 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H January 12, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation