Nguyen Xuan Chien

36
All Time Ranking
117
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 101-117 of 117 Vulnerabilities

Title CVE ID CVSS Vector Date
Easy Google Maps <= 1.11.7 - Cross-Site Request Forgery CVE-2023-33926 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L May 24, 2023
BEAR <= 1.1.3.1 - Cross-Site Request Forgery via Multiple Functions CVE-2023-33314 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N May 22, 2023
Better Notifications for WP <= 1.9.2 - Cross-Site Request Forgery via handle_actions CVE-2023-32964 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 18, 2023
Pro Mime Types - Manage file media types <= 1.0.7 - Cross-Site Request Forgery via pmt_settings_section_callback_tab_1 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N May 9, 2023
Pro Mime Types <= 1.0.7 - Cross-Site Request Forgery CVE-2023-32502 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 9, 2023
WPO365 | Mail Integration for Office 365 / Outlook <= 1.9.0 - reflected Cross-Site Scripting via error_description CVE-2023-32119 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 5, 2023
WP Directory Kit <= 1.1.9 - Open Redirect CVE-2023-31229 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N April 27, 2023
Zephyr Project Manager <= 3.3.9 - Open Redirect CVE-2023-31237 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N April 27, 2023
PropertyHive <= 1.5.48 - Reflected Cross-Site Scripting via date_post_id CVE-2023-22706 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 19, 2023
WooCommerce Easy Duplicate Product <= 0.3.0.0 - Reflected Cross-Site Scripting via wedp_duplicated CVE-2023-30747 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 17, 2023
Popup box <= 3.4.4 - Reflected Cross-Site Scripting via 'ays_pb_tab' Parameter CVE-2023-27414 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N March 8, 2023
GTmetrix for WordPress <= 0.4.5 - Reflected Cross-Site Scripting via 'url' CVE-2023-23677 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 2, 2023
Easy Testimonial Slider and Form <= 1.0.15 - Unauthenticated Reflected Cross-Site Scripting via search_term CVE-2022-46799 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 2, 2023
Booking Ultra Pro <= 1.1.6 - Cross-Site Request Forgery CVE-2022-46816 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H February 21, 2023
VikBooking Hotel Booking Engine & PMS <= 1.6.1 - Cross-Site Request Forgery in multiple functions in admin/controller.php CVE-2023-32501 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 15, 2023
VikBooking Hotel Booking Engine & PMS <= 1.6.1 - Cross-Site Request Forgery in listenTosFieldSavingTask function CVE-2023-32501 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N February 15, 2023
teachPress <= 8.1.8 - Unauthenticated Stored Cross-Site Scripting CVE-2023-22704 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N January 17, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation