Wordfence Intelligence   >   Vulnerability Researchers   >   Rafie Muhammad

Rafie Muhammad

Organization: Patchstack

2
All Time Ranking
559
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 301-320 of 559 Vulnerabilities

Cornerstone <= 0.8.0 - Reflected Cross-Site Scripting
6.1
CVE-2024-28002
Apr 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
XStore Core <= 5.3.8 - Reflected Cross-Site Scripting
6.1
CVE-2024-33554
Apr 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
VOD Infomaniak <= 1.5.6 - Reflected Cross-Site Scripting
6.1
CVE-2024-33571
Apr 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
XStore <= 9.3.8 - Reflected Cross-Site Scripting
6.1
CVE-2024-33562
Apr 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Reflected Cross-Site Scripting
6.1
CVE-2024-33548
Apr 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
UDesign <= 4.7.3 - Reflected Cross-Site Scripting
6.1
CVE-2024-4077
Apr 23, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WP 2FA – Two-factor authentication for WordPress <= 2.6.2 - Reflected Cross-Site Scripting
6.1
CVE-2024-32568
Apr 16, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Cornerstone <= 0.8.0 - Reflected Cross-Site Scripting via PHP_SELF
6.1
CVE-2024-32570
Apr 16, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WP Cost Estimation & Payment Forms Builder <= 10.1.75 - Reflected Cross-Site Scripting
6.1
CVE-2024-32510
Apr 15, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Mailster <= 1.0.3 - Reflected Cross-Site Scripting
6.1
CVE-2024-30503
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Post Grid <= 2.2.74 - Reflected Cross-Site Scripting
6.1
CVE-2024-30441
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Email Subscribers & Newsletters <= 5.7.11 - Reflected Cross-Site Scripting via campaign_id
6.1
CVE-2024-22300
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.4.0 - Reflected Cross-Site Scripting
6.1
CVE-2024-22288
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Simply Schedule Appointments <= 1.6.6.20 - Reflected Cross-Site Scripting
6.1
CVE-2024-22311
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
FV Flowplayer Video Player <= 7.5.41.7212 - Reflected Cross-Site Scripting
6.1
CVE-2024-22299
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Product Feed PRO for WooCommerce by AdTribes – WooCommerce Product Feeds for Google, Facebook/Meta, Bing, & More <= 13.2.5 - Reflected Cross-Site Scripting
6.1
CVE-2024-24800
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Seriously Simple Podcasting <= 3.0.2 - Reflected Cross-Site Scripting
6.1
CVE-2024-25599
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.4.2 - Reflected Cross-Site Scripting
6.1
CVE-2024-30200
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WP Editor <= 1.2.8 - Reflected Cross-Site Scripting
6.1
CVE-2024-24700
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Preview E-mails for WooCommerce <= 2.2.1 - Reflected Cross-Site Scripting
6.1
CVE-2024-27999
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Cornerstone <= 0.8.0 - Reflected Cross-Site Scripting CVE-2024-28002 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 26, 2024
XStore Core <= 5.3.8 - Reflected Cross-Site Scripting CVE-2024-33554 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 25, 2024
VOD Infomaniak <= 1.5.6 - Reflected Cross-Site Scripting CVE-2024-33571 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 25, 2024
XStore <= 9.3.8 - Reflected Cross-Site Scripting CVE-2024-33562 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 25, 2024
WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Reflected Cross-Site Scripting CVE-2024-33548 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 25, 2024
UDesign <= 4.7.3 - Reflected Cross-Site Scripting CVE-2024-4077 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 23, 2024
WP 2FA – Two-factor authentication for WordPress <= 2.6.2 - Reflected Cross-Site Scripting CVE-2024-32568 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 16, 2024
Cornerstone <= 0.8.0 - Reflected Cross-Site Scripting via PHP_SELF CVE-2024-32570 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 16, 2024
WP Cost Estimation & Payment Forms Builder <= 10.1.75 - Reflected Cross-Site Scripting CVE-2024-32510 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 15, 2024
Mailster <= 1.0.3 - Reflected Cross-Site Scripting CVE-2024-30503 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 28, 2024
Post Grid <= 2.2.74 - Reflected Cross-Site Scripting CVE-2024-30441 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 28, 2024
Email Subscribers & Newsletters <= 5.7.11 - Reflected Cross-Site Scripting via campaign_id CVE-2024-22300 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024
WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.4.0 - Reflected Cross-Site Scripting CVE-2024-22288 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024
Simply Schedule Appointments <= 1.6.6.20 - Reflected Cross-Site Scripting CVE-2024-22311 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024
FV Flowplayer Video Player <= 7.5.41.7212 - Reflected Cross-Site Scripting CVE-2024-22299 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024
Product Feed PRO for WooCommerce by AdTribes – WooCommerce Product Feeds for Google, Facebook/Meta, Bing, & More <= 13.2.5 - Reflected Cross-Site Scripting CVE-2024-24800 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024
Seriously Simple Podcasting <= 3.0.2 - Reflected Cross-Site Scripting CVE-2024-25599 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.4.2 - Reflected Cross-Site Scripting CVE-2024-30200 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024
WP Editor <= 1.2.8 - Reflected Cross-Site Scripting CVE-2024-24700 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024
Preview E-mails for WooCommerce <= 2.2.1 - Reflected Cross-Site Scripting CVE-2024-27999 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N March 26, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation