Wordfence Intelligence   >   Vulnerability Researchers   >   LVT-tholv2k

LVT-tholv2k

19
All Time Ranking
187
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 1-20 of 187 Vulnerabilities

Kognetiks Chatbot for WordPress <= 2.0.0 - Unauthenticated Arbitrary File Upload
10.0
CVE-2024-32700
May 13, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Unauthenticated SQL Injection
10.0
CVE-2024-32709
Apr 22, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
ProfileGrid <= 5.7.8 - Unauthenticated SQL Injection
10.0
CVE-2024-30490
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CRM Perks Forms <= 1.1.4 - Unauthenticated SQL Injection
10.0
CVE-2024-30498
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
PayPlus Payment Gateway <= 7.0.7 - Authenticated (Subscriber+) SQL Injection
9.9
CVE-2024-37564
Jul 9, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Youzify <= 1.2.5 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-37494
Jul 4, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Zoho Marketing Automation <= 1.2.7 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-37225
Jun 21, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Gallery – Image and Video Gallery with Thumbnails <= 2.0.3 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-35750
Jun 6, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-32710
Apr 22, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Slideshow Gallery <= 1.7.8 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-31355
Apr 7, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Easy Form Builder <= 3.7.4 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-30535
Mar 29, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CRM Perks Forms <= 1.1.4 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-30499
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
WP Responsive Tabs horizontal vertical and accordion Tabs <= 1.1.17 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-30497
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
ProfileGrid <= 5.7.8 - Authenticated (Subscriber+) SQL Injection
9.9
CVE-2024-30491
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Zotpress <= 7.3.7 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-30488
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Zoho Campaigns <= 2.0.6 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-30239
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Photos and Files Contest Gallery <= 21.3.2 - Authenticated (Contributor+) SQL Injection
9.9
CVE-2024-30238
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.26 - Authenticated (Contributor+) PHP Object Injection
9.8
CVE-2024-30222
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.26 - Unauthenticated PHP Object Injection
9.8
CVE-2024-30223
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Active Products Tables for WooCommerce <= 1.0.6 - Unauthenticated PHP Object Injection
9.8
CVE-2023-51505
Dec 27, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Title CVE ID CVSS Vector Date
Kognetiks Chatbot for WordPress <= 2.0.0 - Unauthenticated Arbitrary File Upload CVE-2024-32700 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H May 13, 2024
WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Unauthenticated SQL Injection CVE-2024-32709 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H April 22, 2024
ProfileGrid <= 5.7.8 - Unauthenticated SQL Injection CVE-2024-30490 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H March 28, 2024
CRM Perks Forms <= 1.1.4 - Unauthenticated SQL Injection CVE-2024-30498 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H March 28, 2024
PayPlus Payment Gateway <= 7.0.7 - Authenticated (Subscriber+) SQL Injection CVE-2024-37564 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H July 9, 2024
Youzify <= 1.2.5 - Authenticated (Contributor+) SQL Injection CVE-2024-37494 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H July 4, 2024
Zoho Marketing Automation <= 1.2.7 - Authenticated (Contributor+) SQL Injection CVE-2024-37225 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 21, 2024
Gallery – Image and Video Gallery with Thumbnails <= 2.0.3 - Authenticated (Contributor+) SQL Injection CVE-2024-35750 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 6, 2024
WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Authenticated (Contributor+) SQL Injection CVE-2024-32710 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H April 22, 2024
Slideshow Gallery <= 1.7.8 - Authenticated (Contributor+) SQL Injection CVE-2024-31355 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H April 7, 2024
Easy Form Builder <= 3.7.4 - Authenticated (Contributor+) SQL Injection CVE-2024-30535 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 29, 2024
CRM Perks Forms <= 1.1.4 - Authenticated (Contributor+) SQL Injection CVE-2024-30499 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
WP Responsive Tabs horizontal vertical and accordion Tabs <= 1.1.17 - Authenticated (Contributor+) SQL Injection CVE-2024-30497 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
ProfileGrid <= 5.7.8 - Authenticated (Subscriber+) SQL Injection CVE-2024-30491 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
Zotpress <= 7.3.7 - Authenticated (Contributor+) SQL Injection CVE-2024-30488 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
Zoho Campaigns <= 2.0.6 - Authenticated (Contributor+) SQL Injection CVE-2024-30239 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 26, 2024
Photos and Files Contest Gallery <= 21.3.2 - Authenticated (Contributor+) SQL Injection CVE-2024-30238 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 26, 2024
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.26 - Authenticated (Contributor+) PHP Object Injection CVE-2024-30222 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 26, 2024
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.26 - Unauthenticated PHP Object Injection CVE-2024-30223 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 26, 2024
Active Products Tables for WooCommerce <= 1.0.6 - Unauthenticated PHP Object Injection CVE-2023-51505 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H December 27, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation