Larry W. Cashdollar

34
All Time Ranking
135
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 41-60 of 135 Vulnerabilities

Title CVE ID CVSS Vector Date
Webcam Video Conference <= 4.91.8 - Unrestricted File Upload leading to Remote Code Execuction CVE-2015-9271 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 29, 2015
Google Adsense and Hotel Booking <= 1.05 - Open Proxy CVE-2015-1000009 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H August 15, 2015
Image Export < 1.1.1 - Path Traversal CVE-2015-5609 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N July 1, 2015
RK Responsive Contact Form <= 1.0.0 - SQL Injection CVE-2017-1002027 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H August 5, 2017
Event Expresso Free <= 3.1.37.11.L - Authenticated SQL Injection CVE-2017-1002026 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H July 4, 2017
surveys <= 1.01.8 - Authenticated SQL Injection CVE-2017-1002022 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H May 21, 2017
Membership Simplified <= 1.58 Beta - SQL Injection CVE-2017-1002010 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H March 17, 2017
eShop <= 6.3.14 - Multiple SQL Injections CVE-2016-0769 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H February 2, 2016
Cool Video Gallery <= 1.9 - Authenticated Command Injection CVE-2015-7527 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H December 2, 2015
wp-championship < 5.9 - SQL Injection CVE-2015-5308 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 23, 2015
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin <= 3.1.2 - Remote Command Execution CVE-2015-4336 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H May 10, 2015
WP-DBManager < 2.72 - Command Injection CVE-2014-8335 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 13, 2014
Zip Attachments <= 1.5 - Directory Traversal CVE-2015-4694 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N June 12, 2015
File Download <= 1.4 - Open Proxy CVE-2015-1000002 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N March 27, 2017
WP-DBManager < 2.72 - OS Command Injection CVE-2014-8334 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 13, 2014
BackWPup <= 3.4.1 - Unauthenticated Backup Download CVE-2017-2551 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N September 8, 2017
Dtracker <= 1.5 - Missing Authorization CVE-2017-1002006 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N March 13, 2017
DTracker <= 1.5 - Authorization Bypass CVE-2017-1002007 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N March 8, 2017
wptf-image-gallery <= 1.0.3 - Arbitrary File Download CVE-2015-1000007 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N July 18, 2015
Recent Backups <= 0.7 - Directory Traversal CVE-2015-1000006 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N July 13, 2015

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation