Rio Darmawan

Organization: Zerobyte

20
All Time Ranking
190
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 141-160 of 190 Vulnerabilities

Title CVE ID CVSS Vector Date
Advanced Social Pixel <= 2.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-24381 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 27, 2023
WP Terms Popup <= 2.6.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-24006 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 23, 2023
Modal Dialog <= 3.5.9 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-24001 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 23, 2023
WP Smart Preloader <= 1.15 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-23675 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 20, 2023
AGP Font Awesome Collection <= 3.2.4 - Cross-Site Request Forgery CVE-2023-45749 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
Constant Contact Forms by MailMunch <= 2.0.10 - Cross-Site Request Forgery CVE-2023-45647 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
WP Power Stats <= 2.2.3 - Cross-Site Request Forgery CVE-2023-45011 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 3, 2023
Mang Board WP <= 1.8.1 - Cross-Site Request Forgery CVE-2023-44257 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 27, 2023
Mediavine Control Panel <= 2.10.2 - Cross-Site Request Forgery via render_settings_page CVE-2023-44259 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 27, 2023
WP Custom Post Template <= 1.0 - Cross-Site Request Forgery CVE-2023-41851 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
Outbound Link Manager <= 1.2 - Cross-Site Request Forgery CVE-2023-41850 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
wpCentral <= 1.5.7 - Cross-Site Request Forgery CVE-2023-41854 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
Order Delivery Date for WP e-Commerce <= 1.2 - Cross-Site Request Forgery CVE-2023-41858 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
Multi-column Tag Map <= 17.0.26 - Cross-Site Request Forgery CVE-2023-41651 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 1, 2023
Better Elementor Addons <= 1.3.8 - Missing Authorization CVE-2023-41656 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N September 1, 2023
Remove/hide Author, Date, Category Like Entry-Meta <= 2.1 - Cross-Site Request Forgery CVE-2023-41650 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 1, 2023
authLdap <= 2.5.8 - Cross-Site Request Forgery CVE-2023-41654 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 1, 2023
Social Share Boost <= 4.5 - Cross-Site Request Forgery via 'syntatical_settings_content' CVE-2023-25033 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 28, 2023
MakeStories (for Google Web Stories) <= 3.0.2 - Cross-Site Request Forgery via 'ms_set_options' CVE-2023-27448 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 28, 2023
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.24.1 - Cross-Site Request Forgery via submitDefaultEditor CVE-2023-25480 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N August 22, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation