Nguyen Xuan Chien

36
All Time Ranking
117
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 81-100 of 117 Vulnerabilities

Title CVE ID CVSS Vector Date
Hide admin notices – Admin Notification Center <= 2.3.2 - Cross-Site Request Forgery CVE-2023-41672 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 4, 2023
Premmerce User Roles <= 1.0.12 - Missing Authorization via role management functions CVE-2023-41130 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L August 24, 2023
Sticky Social Media Icons <= 2.0 - Missing Authorization via ajax_request_handle CVE-2023-40672 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N August 21, 2023
Schedule Posts Calendar <= 5.2 - Cross-Site Request Forgery CVE-2023-40556 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2023
WP Pipes <= 1.4.0 - Cross-Site Request Forgery to Settings Update CVE-2023-40009 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 11, 2023
Sign-up Sheets <= 2.2.8 - Cross-Site Request Forgery CVE-2023-39165 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 7, 2023
User Email Verification for WooCommerce <= 3.5.0 - Reflected Cross-Site Scripting CVE-2023-39162 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N July 26, 2023
Taboola <= 2.0.1 - Cross-Site Request Forgery to Plugin Settings Update CVE-2023-38398 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 24, 2023
WP-FB-AutoConnect <= 4.6.1 - Cross-Site Request Forgery via jfb_admin_page CVE-2023-37974 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L July 12, 2023
Variation Images Gallery for WooCommerce <= 2.3.3 - Reflected Cross-Site Scripting via style CVE-2023-37894 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N July 12, 2023
WCP OpenWeather <= 2.5.0 - Reflected Cross-Site Scripting via 'tab' CVE-2023-25471 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 28, 2023
MyCurator Content Curation <= 3.74 - Cross-Site Request Forgery CVE-2023-32104 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 22, 2023
Template Debugger <= 3.1.2 - Cross-Site Request Forgery CVE-2023-35773 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 16, 2023
Google Map Shortcode <= 3.1.2 - Reflected Cross-Site Scripting CVE-2023-35772 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 16, 2023
Who Hit The Page – Hit Counter <= 1.4.14.3 - Reflected Cross-Site Scripting CVE-2023-25466 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 16, 2023
Stock Manager for WooCommerce <= 2.10.0 - Cross-Site Request Forgery CVE-2023-35091 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 14, 2023
WordPress Social Login <= 3.0.4 - Reflected Cross-Site Scripting CVE-2023-34023 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N May 31, 2023
Woocommerce Order address Print <= 3.2 - Reflected Cross-Site Scripting CVE-2023-34184 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 30, 2023
Ultimate Member <= 2.6.0 - Cross-Site Request Forgery to Form Duplication CVE-2023-31216 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 30, 2023
WooCommerce Product Categories Selection Widget <= 2.0 - Reflected Cross-Site Scripting CVE-2023-33925 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 25, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation