Jerome Bruandet

Organization: NinTechNet

18
All Time Ranking
212
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 101-120 of 212 Vulnerabilities

Title CVE ID CVSS Vector Date
Ultimate Reviews < 2.1.33 - PHP Object Injection CVE-2020-36726 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H November 10, 2020
GDPR CCPA Compliance Support <= 2.3 - PHP Object Injection CVE-2020-36718 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H November 3, 2020
TI WooCommerce Wishlist <= 1.21.11 and TI WooCommerce Wishlist Pro <= 1.21.4 - Arbitrary Options Update CVE-2020-36725 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 16, 2020
Epsilon Framework Themes (Various Versions) - Function Injection CVE-2020-36708 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 1, 2020
Epsilon Framework Themes (Various Versions) - Unauthenticated Plugin Activation/Deactivation CVE-2020-36721 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L October 1, 2020
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.6.3 - Cross-Site Request Forgery Bypass CVE-2020-36735 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 26, 2020
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce <= 1.5.15 - Cross-Site Request Forgery Bypass CVE-2020-36736 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 26, 2020
Hueman <= 3.6.3 - Cross-Site Request Forgery Bypass CVE-2020-36753 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 26, 2020
Customizr <= 4.3.0 - Cross-Site Request Forgery Bypass CVE-2020-36755 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 26, 2020
Ocean Extra <=1.6.5 - Cross-Site Request Forgery Bypass CVE-2020-36760 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 26, 2020
Simple:Press – WordPress Forum Plugin <= 6.6.0 - Arbitrary File Upload CVE-2020-36706 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 25, 2020
Coming Soon & Maintenance Mode Page <= 1.57 - Cross-Site Request Forgery CVE-2020-36707 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 16, 2020
Import / Export Customizer Settings <= 1.0.3 - Cross-Site Request Forgery Bypass CVE-2020-36737 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 16, 2020
Cool Timeline (Horizontal & Vertical Timeline) <= 2.0.2 - Cross-Site Request Forgery Bypass CVE-2020-36738 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 16, 2020
Feed Them Social – Page, Post, Video, and Photo Galleries <= 2.8.6 - Cross-Site Request Forgery Bypass CVE-2020-36739 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 16, 2020
Radio Buttons for Taxonomies <= 2.0.5 - Cross-Site Request Forgery Bypass CVE-2020-36740 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 16, 2020
MultiVendorX – MultiVendor Marketplace Solution For WooCommerce <= 3.5.7 - Cross-Site Request Forgery Bypass CVE-2020-36741 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 16, 2020
Custom Field Template <= 2.5.1 - Cross-Site Request Forgery Bypass CVE-2020-36742 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 16, 2020
Product Catalog Simple <= 1.5.13 - Cross-Site Request Forgery Bypass CVE-2020-36743 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 16, 2020
NotificationX <= 1.8.2 - Cross-Site Request Forgery Bypass CVE-2020-36744 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 16, 2020

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation