Rio Darmawan

Organization: Zerobyte

20
All Time Ranking
190
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 21-40 of 190 Vulnerabilities

Title CVE ID CVSS Vector Date
Popup contact form <= 7.1 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-44265 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Blocks <= 1.6.42 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44262 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
The Awesome Feed – Custom Feed <= 2.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-44264 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Mediavine Control Panel <= 2.10.2 - Cross-Site Request Forgery via render_settings_page CVE-2023-44259 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 27, 2023
Mang Board WP <= 1.8.1 - Cross-Site Request Forgery CVE-2023-44257 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 27, 2023
Schema App Structured Data <= 1.22.3 - Missing Authorization via page_init CVE-2023-44258 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N September 27, 2023
Outbound Link Manager <= 1.2 - Cross-Site Request Forgery CVE-2023-41850 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
wordpress publish post email notification <= 1.0.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41731 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Back To The Top Button <= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41733 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Insert Estimated Reading Time <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41734 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Swifty Bar, sticky bar by WPGens <= 1.2.10 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41737 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Locations <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-41797 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N September 5, 2023
WP Custom Post Template <= 1.0 - Cross-Site Request Forgery CVE-2023-41851 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
Order Delivery Date for WP e-Commerce <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41859 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Order Delivery Date for WP e-Commerce <= 1.2 - Cross-Site Request Forgery CVE-2023-41858 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
UniConsent Cookie Consent CMP for GDPR / CCPA <= 1.4.3 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41800 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
wpCentral <= 1.5.7 - Cross-Site Request Forgery CVE-2023-41854 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
Multi-column Tag Map <= 17.0.26 - Cross-Site Request Forgery CVE-2023-41651 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 1, 2023
Remove/hide Author, Date, Category Like Entry-Meta <= 2.1 - Cross-Site Request Forgery CVE-2023-41650 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 1, 2023
Better Elementor Addons <= 1.3.8 - Missing Authorization CVE-2023-41656 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N September 1, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation