Jerome Bruandet

Organization: NinTechNet

18
All Time Ranking
212
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 161-180 of 212 Vulnerabilities

Title CVE ID CVSS Vector Date
MStore API <= 2.1.5 - Authentication Bypass CVE-2020-36713 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 11, 2020
WP Activity Log <= 4.0.1 - Missing Authorization CVE-2020-36716 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L March 8, 2020
Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update CVE-2020-36731 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N February 26, 2020
GDPR Cookie Consent & Compliance Notice <= 1.8.2 - Authenticated Stored Cross-Site Scripting and Authorization Bypass CVE-2020-20633 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 11, 2020
Wordable <= 3.1.1 - Authentication Bypass CVE-2020-36724 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 28, 2020
WPS Hide Login <= 1.5.4.2 - Hidden Login Page Location Disclosure CVE-2020-36710 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N January 27, 2020
Slideshow, Image Slider by 2J <= 1.3.31 - Authorization Bypass CVE-2020-36729 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L January 20, 2020
Gallery Images Ape <= 2.0.6 - Authenticated Plugin Deactivation CVE-2019-25149 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H December 30, 2019
GDPR Cookie Compliance <= 4.0.2 - Missing Authorization CVE-2019-25143 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L December 27, 2019
Mesmerize <= 1.6.89 & Materialis <= 1.0.172 - Authenticated Arbitrary Options Update CVE-2019-25142 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H December 2, 2019
IgniteUp – Coming Soon and Maintenance Mode <= 3.4 - Stored Cross-Site Scripting CVE-2019-17236 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 10, 2019
IgniteUp – Coming Soon and Maintenance Mode <= 3.4 - Unauthenticated Arbitrary File Deletion CVE-2019-17234 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N November 10, 2019
IgniteUp – Coming Soon and Maintenance Mode <= 3.4.0 - Information Disclosure CVE-2019-17235 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N November 10, 2019
Funnel Builder <= 1.3.0 - Arbitrary Plugin Activation CVE-2019-25151 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L November 7, 2019
YIT Plugin Framework <= 3.3.8 - Authenticated Settings Change CVE-2019-16251 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N October 31, 2019
GiveWP <= 2.5.9 - Missing Authorization to Settings Update CVE-2020-20627 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N October 30, 2019
WP HTML Mail < 2.2.11 - HTML injection CVE-2019-25144 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N October 25, 2019
Email Templates <= 1.3 - HTML Injection CVE-2019-25150 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H October 25, 2019
WP HTML Mail < 2.9.1 - HTML Injection CVE-2019-25148 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 25, 2019
Sliced Invoices < 3.8.4 - Authenticated SQL Injection CVE-2020-20625 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N October 17, 2019

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation