Jerome Bruandet

Organization: NinTechNet

18
All Time Ranking
212
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 81-100 of 212 Vulnerabilities

Title CVE ID CVSS Vector Date
eCommerce Product Catalog Plugin for WordPress <= 3.0.17 - Cross-Site Request Forgery Bypass CVE-2021-4393 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N March 1, 2021
Custom Banners <= 3.2.2 - Cross-Site Request Forgery Bypass CVE-2021-4407 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N March 1, 2021
Ultimate GDPR & CCPA <= 2.4 - Unauthenticated Settings Import & Export CVE-2021-4348 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N February 5, 2021
uListing <= 1.6.6 - Missing Authorization CVE-2021-4370 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 28, 2021
uListing <= 1.6.6 - Unauthenticated Arbitrary Account Creation CVE-2021-4343 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 28, 2021
uListing <= 1.6.6 - Unauthenticated Information Disclosure CVE-2021-4339 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N January 28, 2021
uListing <= 1.6.6 - Unauthenticated Wordpress Options Changes via AJAX CVE-2021-4341 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 28, 2021
uListing <= 1.6.6 - Unauthenticated Options Changes via wp_route CVE-2021-4381 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 28, 2021
uListing <= 1.6.6 - Unauthenticated Arbitrary Account Changes CVE-2021-4346 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 28, 2021
uListing <= 1.6.6 - Unauthenticated Arbitrary Roles and Capabilities Creation/Deletion CVE-2021-4345 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N January 28, 2021
uListing <= 1.6.6 - Unauthenticated Arbitrary Post/Page Deletion CVE-2021-4357 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H January 28, 2021
Doneren met Mollie <= 2.8.4 - Information Disclosure CVE-2021-4377 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N January 22, 2021
WP Quick FrontEnd Editor <= 5.5 - Authenticated (Subscriber+) Content Injection CVE-2021-4383 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H January 12, 2021
WP Quick FrontEnd Editor <= 5.5 - Authenticated Settings Change CVE-2021-4371 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N January 12, 2021
WP Quick FrontEnd Editor <= 5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting CVE-2021-4378 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N January 12, 2021
WP Quick FrontEnd Editor <= 5.5 - Reflected Cross-Site Scripting CVE-2021-4363 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N January 12, 2021
Newsletter Manager <= 1.5.1 - Insecure Deserialization CVE-2020-36727 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H December 29, 2020
ListingPro - WordPress Directory & Listing Theme < 2.6.1 - Sensitive Information Disclosure CVE-2020-36723 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N December 17, 2020
ListingPro - WordPress Directory & Listing Theme < 2.6.1 - Arbitrary Plugin Installation, Activation and Deactivation CVE-2020-36719 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H December 17, 2020
Secure File Manager < 2.8.2 - Remote Code Execution CVE-2020-35235 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H November 23, 2020

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation