Nguyen Xuan Chien

36
All Time Ranking
117
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 101-117 of 117 Vulnerabilities

Title CVE ID CVSS Vector Date
Woocommerce ESTO <= 2.23.1 - Cross-Site Request Forgery via saveSetting CVE-2023-44260 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 27, 2023
Laposta Signup Basic <= 1.4.1 - Cross-Site Request Forgery CVE-2023-41950 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
Use Memcached <= 1.0.5 - Cross-Site Request Forgery CVE-2023-41670 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 4, 2023
Hide admin notices – Admin Notification Center <= 2.3.2 - Cross-Site Request Forgery CVE-2023-41672 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 4, 2023
Sticky Social Media Icons <= 2.0 - Missing Authorization via ajax_request_handle CVE-2023-40672 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N August 21, 2023
Schedule Posts Calendar <= 5.2 - Cross-Site Request Forgery CVE-2023-40556 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 16, 2023
WP Pipes <= 1.4.0 - Cross-Site Request Forgery to Settings Update CVE-2023-40009 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 11, 2023
Sign-up Sheets <= 2.2.8 - Cross-Site Request Forgery CVE-2023-39165 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 7, 2023
Taboola <= 2.0.1 - Cross-Site Request Forgery to Plugin Settings Update CVE-2023-38398 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 24, 2023
MyCurator Content Curation <= 3.74 - Cross-Site Request Forgery CVE-2023-32104 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 22, 2023
Template Debugger <= 3.1.2 - Cross-Site Request Forgery CVE-2023-35773 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 16, 2023
Stock Manager for WooCommerce <= 2.10.0 - Cross-Site Request Forgery CVE-2023-35091 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 14, 2023
Ultimate Member <= 2.6.0 - Cross-Site Request Forgery to Form Duplication CVE-2023-31216 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 30, 2023
Better Notifications for WP <= 1.9.2 - Cross-Site Request Forgery via handle_actions CVE-2023-32964 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 18, 2023
Pro Mime Types <= 1.0.7 - Cross-Site Request Forgery CVE-2023-32502 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 9, 2023
VikBooking Hotel Booking Engine & PMS <= 1.6.1 - Cross-Site Request Forgery in multiple functions in admin/controller.php CVE-2023-32501 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 15, 2023
VikBooking Hotel Booking Engine & PMS <= 1.6.1 - Cross-Site Request Forgery in listenTosFieldSavingTask function CVE-2023-32501 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 15, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation