Wordfence Intelligence   >   Vulnerability Researchers   >   João Pedro Soares de Alcântara

João Pedro Soares de Alcântara

Organization: Kinorth

20
All Time Ranking
197
All Time Discoveries
0
90 Day Published Submissions
19 Aug '24
Last Published Submission

About

My name is João Pedro Soares de Alcântara, i'm a bug bounty hunter, ethical hacker, RPA developer and computer engineering student.

4 Achievements

Learn more about Achievements
Submitted XSS Vulnerability
Submitted XSS Vulnerability
September 4, 2024
Submitted 10 Vulnerabilities
Submitted 10 Vulnerabilities
April 18, 2024
Submitted 5 Vulnerabilities
Submitted 5 Vulnerabilities
April 9, 2024
Submitted 1 Vulnerability
Submitted 1 Vulnerability
March 20, 2024
Learn more Learn more about Achievements

Showing 61-80 of 197 Vulnerabilities

Futurio Extra <= 2.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50446
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
GeoDirectory <= 2.3.80 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50437
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Magazine Blocks <= 1.3.15 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50429
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Post Grid and Gutenberg Blocks <= 2.2.93 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50432
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Selection Lite <= 1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50445
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Sky Addons for Elementor <= 2.5.15 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50433
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Nexter Blocks <= 3.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50452
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
The Pack Elementor addons <= 2.0.9 - Authenticated (Contributor+) Local File Inclusion
8.8
CVE-2024-50453
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Qode Essential Addons <= 1.6.3 - Authenticated (Contributor+) Local File Inclusion
8.8
CVE-2024-50457
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
PDF Generator Addon for Elementor Page Builder <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50449
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Event Manager for WooCommerce <= 4.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-49703
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
AffiliateX <= 1.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-49692
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Agile Video Player Lite <= 1.0 - Reflected Cross-Site Scripting
6.1
CVE-2024-49636
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Banner Slider <= 2.1 - Reflected Cross-Site Scripting
6.1
CVE-2024-49635
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
BP Member Type Manager <= 1.01 - Reflected Cross-Site Scripting
6.1
CVE-2024-49634
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWD 3D Image Gallery <= 1.0 - Reflected Cross-Site Scripting
6.1
CVE-2024-49632
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
leenk.me <= 2.16.0 - Reflected Cross-Site Scripting
6.1
CVE-2024-49661
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Qi Blocks <= 1.3.2 - Authenticated (Contributor+) Local File Inclusion
8.8
CVE-2024-49690
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
myCred Elementor <= 1.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-49702
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Mega Elements <= 1.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-49693
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Futurio Extra <= 2.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50446 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 24, 2024
GeoDirectory <= 2.3.80 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50437 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 24, 2024
Magazine Blocks <= 1.3.15 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50429 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 24, 2024
Post Grid and Gutenberg Blocks <= 2.2.93 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50432 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 24, 2024
Selection Lite <= 1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50445 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 24, 2024
Sky Addons for Elementor <= 2.5.15 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50433 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 24, 2024
Nexter Blocks <= 3.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50452 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 24, 2024
The Pack Elementor addons <= 2.0.9 - Authenticated (Contributor+) Local File Inclusion CVE-2024-50453 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 24, 2024
Qode Essential Addons <= 1.6.3 - Authenticated (Contributor+) Local File Inclusion CVE-2024-50457 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 24, 2024
PDF Generator Addon for Elementor Page Builder <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50449 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 24, 2024
Event Manager for WooCommerce <= 4.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-49703 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 21, 2024
AffiliateX <= 1.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-49692 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 21, 2024
Agile Video Player Lite <= 1.0 - Reflected Cross-Site Scripting CVE-2024-49636 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 21, 2024
Banner Slider <= 2.1 - Reflected Cross-Site Scripting CVE-2024-49635 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 21, 2024
BP Member Type Manager <= 1.01 - Reflected Cross-Site Scripting CVE-2024-49634 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 21, 2024
CWD 3D Image Gallery <= 1.0 - Reflected Cross-Site Scripting CVE-2024-49632 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 21, 2024
leenk.me <= 2.16.0 - Reflected Cross-Site Scripting CVE-2024-49661 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 21, 2024
Qi Blocks <= 1.3.2 - Authenticated (Contributor+) Local File Inclusion CVE-2024-49690 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 21, 2024
myCred Elementor <= 1.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-49702 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 21, 2024
Mega Elements <= 1.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-49693 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 21, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation