Rafie Muhammad

Organization: Patchstack

2
All Time Ranking
559
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 541-559 of 559 Vulnerabilities

Title CVE ID CVSS Vector Date
WooCommerce Ship to Multiple Addresses <= 3.8.5 - Cross-Site Request Forgery CVE-2023-36514 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 26, 2023
AutomateWoo <= 5.7.5 - Cross-Site Request Forgery CVE-2023-36513 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 26, 2023
Complianz <= 6.4.5 (Premium <= 6.4.7) - Cross-Site Request Forgery CVE-2023-34030 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 20, 2023
WooCommerce PayPal Payments <= 2.0.4 - Cross-Site Request Forgery CVE-2023-35917 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 20, 2023
WooCommerce Square <= 3.8.1 - Missing Authorization via multiple AJAX actions CVE-2023-35876 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N June 19, 2023
WooCommerce Brands <= 1.6.49 - Cross-Site Request Forgery CVE-2023-35880 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 19, 2023
Complianz | GDPR/CCPA Cookie Consent <= 6.4.5 - Cross-Site Request Forgery CVE-2023-34030 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 30, 2023
WooCommerce Follow-Up Emails <= 4.9.40 - Cross-Site Request Forgery CVE-2023-33316 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 22, 2023
WooCommerce Product Recommendations < 2.3.0 - Cross-Site Request Forgery CVE-2023-32744 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 15, 2023
AutomateWoo <= 5.7.1 - Cross-Site Request Forgery CVE-2023-32745 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 15, 2023
WooCommerce Product Add-ons <= 6.1.3 - Cross-Site Request Forgery CVE-2023-32794 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 15, 2023
WooCommerce Bookings <= 1.15.78 - Insecure Direct Object Reference CVE-2023-32747 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N May 15, 2023
WooCommerce Ship to Multiple Addresses <= 3.8.3 - Insecure Direct Object Reference CVE-2023-32799 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N May 15, 2023
Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via maybe_install_suggested_plugins CVE-2023-33333 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 12, 2023
Complianz - GDPR/CCPA Cookie Consent <= 6.4.4 - Cross-Site Request Forgery via run_sync CVE-2023-33333 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 12, 2023
Yoast SEO: Local <= 14.8 - Cross-Site Request Forgery CVE-2023-28780 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 9, 2023
Loginizer <= 1.7.5 - Cross-Site Request Forgery CVE-2022-45079 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N December 5, 2022
GiveWP <= 2.25.1 - Authenticated (Admin+) Server-Side Request Forgery via give_get_content_by_ajax_handler CVE-2022-40312 4.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N March 8, 2023
Prime Slider – Addons For Elementor <= 3.13.2 - Missing Authorization CVE-2024-32681 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N April 17, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation