LVT-tholv2k

17
All Time Ranking
226
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 1-20 of 226 Vulnerabilities

Title CVE ID CVSS Vector Date
Kognetiks Chatbot for WordPress <= 2.0.0 - Unauthenticated Arbitrary File Upload CVE-2024-32700 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H May 13, 2024
WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Unauthenticated SQL Injection CVE-2024-32709 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H April 22, 2024
ProfileGrid <= 5.7.8 - Unauthenticated SQL Injection CVE-2024-30490 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H March 28, 2024
CRM Perks Forms <= 1.1.4 - Unauthenticated SQL Injection CVE-2024-30498 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H March 28, 2024
PayPlus Payment Gateway <= 7.0.7 - Authenticated (Subscriber+) SQL Injection CVE-2024-37564 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H July 9, 2024
Youzify <= 1.2.5 - Authenticated (Contributor+) SQL Injection CVE-2024-37494 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H July 4, 2024
Zoho Marketing Automation <= 1.2.7 - Authenticated (Contributor+) SQL Injection CVE-2024-37225 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 21, 2024
Gallery – Image and Video Gallery with Thumbnails <= 2.0.3 - Authenticated (Contributor+) SQL Injection CVE-2024-35750 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 6, 2024
WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Authenticated (Contributor+) SQL Injection CVE-2024-32710 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H April 22, 2024
Slideshow Gallery <= 1.7.8 - Authenticated (Contributor+) SQL Injection CVE-2024-31355 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H April 7, 2024
Easy Form Builder <= 3.7.4 - Authenticated (Contributor+) SQL Injection CVE-2024-30535 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 29, 2024
ProfileGrid <= 5.7.8 - Authenticated (Subscriber+) SQL Injection CVE-2024-30491 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
CRM Perks Forms <= 1.1.4 - Authenticated (Contributor+) SQL Injection CVE-2024-30499 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
WP Responsive Tabs horizontal vertical and accordion Tabs <= 1.1.17 - Authenticated (Contributor+) SQL Injection CVE-2024-30497 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
Zotpress <= 7.3.7 - Authenticated (Contributor+) SQL Injection CVE-2024-30488 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
Zoho Campaigns <= 2.0.6 - Authenticated (Contributor+) SQL Injection CVE-2024-30239 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 26, 2024
Photos and Files Contest Gallery <= 21.3.2 - Authenticated (Contributor+) SQL Injection CVE-2024-30238 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 26, 2024
My Reading Library <= 1.0 - Unauthenticated PHP Object Injection CVE-2024-49318 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 15, 2024
Recently <= 1.1 - Unauthenticated PHP Object Injection CVE-2024-49218 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 14, 2024
Telecash Ricaricaweb <= 2.2 - Unauthenticated PHP Object Injection CVE-2024-48030 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 9, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation