Rafie Muhammad

Organization: Patchstack

2
All Time Ranking
559
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 501-520 of 559 Vulnerabilities

Title CVE ID CVSS Vector Date
Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via ajax_script_add CVE-2023-33333 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 12, 2023
Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via ajax_delete_snapshot CVE-2023-33333 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L May 12, 2023
Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via run_sync CVE-2023-33333 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 12, 2023
Essential Addons for Elementor <= 5.7.1 - Unauthenticated Arbitrary Password Reset to Privilege Escalation CVE-2023-32243 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 11, 2023
Slimstat Analytics <= 5.0.4 - Authenticated (Administrator+) SQL Injection CVE-2022-45373 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 11, 2023
Bookly <= 21.7.1 - Arbitrary File Deletion CVE-2023-26526 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H May 11, 2023
Slimstat Analytics <= 5.0.4 - Reflected Cross-Site Scripting CVE-2022-45366 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 11, 2023
GiveWP <= 2.25.3 - Authenticated (Admin+) PHP Object Injection CVE-2023-32513 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H May 10, 2023
Google Analytics by Monster Insights <= 8.14.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-23999 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N May 10, 2023
Download Monitor <= 4.7.60 - Sensitive Information Exposure via REST API CVE-2022-45354 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N May 10, 2023
Yoast SEO Premium <= 20.4 - Missing Authorization to Zapier Key Reset CVE-2023-28775 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N May 9, 2023
Yoast SEO: Local <= 14.8 - Cross-Site Request Forgery CVE-2023-28780 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 9, 2023
ExactMetrics <= 7.14.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-23880 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N May 9, 2023
Divi <= 4.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-29099 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N May 9, 2023
Yoast SEO: Local <= 14.8 - Reflected Cross-Site Scripting CVE-2023-32300 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 9, 2023
Advanced Custom Fields (Free and Pro) 5.8.10 to 5.12.5 & 6.0.0 to 6.1.5 - Reflected Cross-Site Scripting via 'post_status' CVE-2023-30777 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 4, 2023
JupiterX Theme <= 3.0.0 - Authenticated Local File Inclusion via print_pane CVE-2023-32110 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N May 3, 2023
Flatsome <= 3.16.8 - Reflected Cross-Site Scripting in UX Builder CVE-2023-28994 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 25, 2023
YARPP <= 5.30.4 - Authenticated (Subscriber+) Local File Inclusion CVE-2022-45374 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H April 18, 2023
Quiz and Survey Master <= 8.1.4 - Unauthenticated SQL Injection CVE-2023-28787 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H April 16, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation