5
All Time Ranking
416
All Time Discoveries
4
90 Day Published Submissions
11 Dec '24
Last Published Submission
Submitted 5 Vulnerabilities
Submitted 5 Vulnerabilities
December 11, 2024
Submitted 1 Vulnerability
Submitted 1 Vulnerability
September 24, 2024

Showing 201-220 of 416 Vulnerabilities

Title CVE ID CVSS Vector Date
Novo-Map : your WP posts on custom google maps <= 1.1.2 - Cross-Site Request Forgery CVE-2023-46190 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 18, 2023
RumbleTalk Live Group Chat <= 6.1.9 - Missing Authorization via handleRequest CVE-2023-45828 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L October 13, 2023
Comments Ratings <= 1.1.7 - Cross-Site Request Forgery CVE-2023-45654 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
Lazy Load for Videos <= 2.18.2 - Cross-Site Request Forgery CVE-2023-45656 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
PixFields <= 0.7.0 - Cross-Site Request Forgery CVE-2023-45655 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
Post Gallery <= 2.3.12 - Cross-Site Request Forgery CVE-2023-45752 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
Video Playlist For YouTube <= 6.1 - Cross-Site Request Forgery CVE-2023-45653 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
PDF Block <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-45646 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 12, 2023
HTML5 Maps <= 1.7.1.4 - Cross-Site Request Forgery CVE-2023-45650 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
Remote Content Shortcode <= 1.5 - Authenticated(Contributor+) Local File Inclusion via shortcode CVE-2023-45652 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L October 12, 2023
QR Twitter Widget <= 0.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode CVE-2023-45628 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 11, 2023
Simple URLs <= 120 - Cross-Site Request Forgery via Multiple AJAX Actions CVE-2023-45606 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L October 11, 2023
IRivYou <= 2.2.1 - Cross-Site Request Forgery via saveOptionsReviewsPlugin CVE-2023-45267 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 6, 2023
Urvanov Syntax Highlighter <= 2.8.33 - Cross-Site Request Forgery via init_ajax CVE-2023-45106 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L October 6, 2023
Blog Manager Light <= 1.20 - Cross-Site Request Forgery via bml_settings CVE-2023-45102 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 6, 2023
Pinpoint Booking System <= 2.9.9.4.0 - Cross-Site Request Forgery via initBackEndAJAX CVE-2023-45270 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L October 6, 2023
Simple SEO <= 2.0.25 - Cross-Site Request Forgery via multiple admin_post functions CVE-2023-45269 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L October 6, 2023
GoodBarber <= 1.0.23 - Cross-Site Request Forgery via admin_options CVE-2023-45107 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 6, 2023
Hitsteps Web Analytics <= 5.86 - Cross-Site Request Forgery via hst_optionpage CVE-2023-45268 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 6, 2023
Mailrelay <= 2.1.1 - Cross-Site Request Forgery via render_admin_page CVE-2023-45108 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 6, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation