Wordfence Intelligence   >   Vulnerability Researchers   >   SOPROBRO

SOPROBRO

7
All Time Ranking
397
All Time Discoveries
37
90 Day Published Submissions
20 Dec '24
Last Published Submission

5 Achievements

Learn more about Achievements
Submitted 25 Vulnerabilities
Submitted 25 Vulnerabilities
December 11, 2024
Submitted 10 Vulnerabilities
Submitted 10 Vulnerabilities
November 22, 2024
Submitted 5 Vulnerabilities
Submitted 5 Vulnerabilities
November 20, 2024
Submitted 1 Vulnerability
Submitted 1 Vulnerability
November 20, 2024
Submitted XSS Vulnerability
Submitted XSS Vulnerability
November 20, 2024
Learn more Learn more about Achievements

Showing 301-320 of 397 Vulnerabilities

UPDATE NOTIFICATIONS <= 0.3.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-2024-51653
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Skip To <= 2.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-2024-51652
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Addressbook <= 1.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-2024-51644
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Platform.ly Official <= 1.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-2024-51687
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
SH Slideshow <= 4.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-2024-51632
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WP Pocket URLs <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51681
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Knowledge Base <= 2.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51677
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Simple Page Specific Sidebars <= 2.14.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-2024-51633
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
e-shops <= 1.0.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting
6.1
CVE-2024-51648
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Random Featured Post <= 1.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-2024-51650
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
SmartLink Dynamic URLs <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-2024-51657
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Webriti Custom Login <= 0.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting
6.1
CVE-2024-51634
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
APK Downloader <= 1.0.0 - Cross-Site Request Forgery to Stored Cross Site Scripting
6.1
CVE-2024-51654
Nov 1, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
ML Responsive Audio player with playlist Shortcode <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51573
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Simple Goods <= 0.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51574
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
MyOrderDesk <= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50546
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
GDReseller <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-50536
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
TradeMe widgets <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51613
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Custom Admin Menu <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51618
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
WP Feature Box <= 0.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51611
Oct 31, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
UPDATE NOTIFICATIONS <= 0.3.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2024-51653 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
Skip To <= 2.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2024-51652 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
Addressbook <= 1.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2024-51644 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
Platform.ly Official <= 1.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2024-51687 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
SH Slideshow <= 4.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2024-51632 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
WP Pocket URLs <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51681 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 1, 2024
Knowledge Base <= 2.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51677 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 1, 2024
Simple Page Specific Sidebars <= 2.14.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2024-51633 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
e-shops <= 1.0.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting CVE-2024-51648 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
Random Featured Post <= 1.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2024-51650 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
SmartLink Dynamic URLs <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2024-51657 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
Webriti Custom Login <= 0.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting CVE-2024-51634 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
APK Downloader <= 1.0.0 - Cross-Site Request Forgery to Stored Cross Site Scripting CVE-2024-51654 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 1, 2024
ML Responsive Audio player with playlist Shortcode <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51573 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 31, 2024
Simple Goods <= 0.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51574 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 31, 2024
MyOrderDesk <= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50546 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 31, 2024
GDReseller <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-50536 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 31, 2024
TradeMe widgets <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51613 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 31, 2024
Custom Admin Menu <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51618 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 31, 2024
WP Feature Box <= 0.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51611 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 31, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation