Wordfence Intelligence   >   Vulnerability Researchers   >   LVT-tholv2k

LVT-tholv2k

17
All Time Ranking
229
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 61-80 of 229 Vulnerabilities

Quran Shortcode <= 1.5 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-51625
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Website price calculator <= 4.1 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-51601
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Porsline <= 1.0.2 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-51620
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Market 360 Viewer <= 1.01 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-51619
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lodgix.com Vacation Rental Website Builder <= 3.9.73 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-50539
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Golf Tracker <= 0.7 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-51607
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Blrt WP Embed <= 1.6.9 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-51606
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AmaDiscount <= 1.0 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-51608
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Multiple Page Generator Plugin – MPG <= 3.4.7 - Authenticated (Contributor+) SQL Injection
6.5
CVE-2024-47325
Sep 25, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Geo Mashup <= 1.13.12 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.5
CVE-2024-44008
Sep 16, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Copy Anything to Clipboard <= 4.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-52419
Nov 13, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Location Click Map <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51844
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Custom Add to Cart Button Label and Link <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-49296
Oct 15, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
PeproDev Ultimate Invoice <= 2.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-49298
Oct 15, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Quill Forms <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-47393
Sep 30, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Spiffy Calendar <= 4.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-45457
Sep 12, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
azurecurve Toggle Show/Hide <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-43961
Aug 26, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Modal Window <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-43346
Aug 16, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Livemesh Addons for WPBakery Page Builder <= 3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-43320
Aug 16, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
myCred <= 2.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-43353
Aug 16, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Quran Shortcode <= 1.5 - Authenticated (Contributor+) SQL Injection CVE-2024-51625 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Website price calculator <= 4.1 - Authenticated (Contributor+) SQL Injection CVE-2024-51601 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Porsline <= 1.0.2 - Authenticated (Contributor+) SQL Injection CVE-2024-51620 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Market 360 Viewer <= 1.01 - Authenticated (Contributor+) SQL Injection CVE-2024-51619 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Lodgix.com Vacation Rental Website Builder <= 3.9.73 - Authenticated (Contributor+) SQL Injection CVE-2024-50539 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Golf Tracker <= 0.7 - Authenticated (Contributor+) SQL Injection CVE-2024-51607 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Blrt WP Embed <= 1.6.9 - Authenticated (Contributor+) SQL Injection CVE-2024-51606 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
AmaDiscount <= 1.0 - Authenticated (Contributor+) SQL Injection CVE-2024-51608 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Multiple Page Generator Plugin – MPG <= 3.4.7 - Authenticated (Contributor+) SQL Injection CVE-2024-47325 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N September 25, 2024
Geo Mashup <= 1.13.12 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-44008 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L September 16, 2024
Copy Anything to Clipboard <= 4.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-52419 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 13, 2024
Location Click Map <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51844 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Custom Add to Cart Button Label and Link <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-49296 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 15, 2024
PeproDev Ultimate Invoice <= 2.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-49298 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 15, 2024
Quill Forms <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-47393 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N September 30, 2024
Spiffy Calendar <= 4.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-45457 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N September 12, 2024
azurecurve Toggle Show/Hide <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-43961 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N August 26, 2024
Modal Window <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-43346 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N August 16, 2024
Livemesh Addons for WPBakery Page Builder <= 3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-43320 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N August 16, 2024
myCred <= 2.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-43353 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N August 16, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation