Mallory Adams

61
All Time Ranking
56
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 21-40 of 56 Vulnerabilities

Title CVE ID CVSS Vector Date
Advanced Custom Fields: Table Field < 1.1.13 - Authenticated Stored Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N July 13, 2016
WatuPRO < 4.9.0.8 - Cross-Site Request Forgery CVE-2015-9418 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 1, 2015
Private Only <= 3.5.1 - Multiple Cross-Site Request Forgery CVE-2015-5483 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H August 26, 2015
WP OAuth Server (OAuth Authentication) < 3.1.5 - Pseudorandom Number Generation CVE-2015-9435 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H August 12, 2015
iFrame <= 3.0 - Reflected Cross-Site Scripting CVE-2015-6738 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 11, 2015
iFrame <= 4.0 - Stored Cross-Site Scripting CVE-2015-6738 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N August 10, 2015
MonsterInsights - Google Analytics Dashboard for WordPress <= 5.4.4 - Authenticated Stored Cross-Site Scripting 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N August 10, 2015
Flickr Justified Gallery < 3.4.0 - Reflected Cross-Site Scripting CVE-2015-9327 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N July 28, 2015
BuddyPress Activity Plus <= 1.5 - Cross-Site Request Forgery CVE-2015-9455 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H July 14, 2015
Plotly <= 1.0.2 - Stored Cross-Site Scripting CVE-2015-9347 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N July 13, 2015
Plotly < 1.0.3 - Stored Cross-Site Scripting CVE-2015-5484 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N July 13, 2015
The Events Calendar: Eventbrite Tickets < 3.10.2 - Cross-Site Scripting CVE-2015-5485 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N July 13, 2015
GD bbPress Attachments < 2.3 - Directory Traversal CVE-2015-5482 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H July 9, 2015
GD bbPress Attachments < 2.3 - Reflected Cross-Site Scripting CVE-2015-5481 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N July 8, 2015
WordPress Content Slide <= 1.4.2 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 16, 2015
Content Audit <= 1.6.0 - Authenticated (Admin+) SQL Injection CVE-2014-5389 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 1, 2014
Login Widget With Shortcode < 3.2.1 - Cross-Site Scripting CVE-2014-6312 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L September 17, 2014
WP-Ban < 1.64 - Improper Input Validation CVE-2014-6230 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N September 17, 2014
Improved User Search in Backend <= 1.2.5 - Cross-Site Request Forgery to Cross-Site Scripting CVE-2014-5196 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 13, 2014
Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] < 1.0.4 - Cross-Site Request Forgery CVE-2014-2550 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H August 1, 2014

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation