Wordfence Intelligence   >   Vulnerability Researchers   >   SOPROBRO

SOPROBRO

13
All Time Ranking
241
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 101-120 of 241 Vulnerabilities

Social Locker <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51858
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Surbma | Font Awesome <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51798
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Text Advertisements <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51879
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
TinyCode <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51902
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Trendy Restaurant Menu <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51796
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Ultimate Accordion <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51797
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Utech Spinning Earth <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51839
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
VP Sitemap <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51922
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Wd-image-magnifier-xoss <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51840
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
WE – Client Logo Carousel <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51821
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Websand Subscription Form <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51923
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
WP Agenda <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51924
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
EventPress <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51861
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
WP Listings Pro <= 3.0.14 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51903
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
WP PagSeguro Payments <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51847
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-52347
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
yPHPlista <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51805
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
活动链接推广插件 <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51814
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Cookie Nonsense for YT <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51933
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
HQ60 Fidelity Card <= 1.8 - Reflected Cross-Site Scripting
6.1
CVE-2024-51713
Nov 4, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Social Locker <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51858 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Surbma | Font Awesome <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51798 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Text Advertisements <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51879 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
TinyCode <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51902 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Trendy Restaurant Menu <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51796 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Ultimate Accordion <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51797 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Utech Spinning Earth <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51839 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
VP Sitemap <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51922 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Wd-image-magnifier-xoss <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51840 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
WE – Client Logo Carousel <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51821 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Websand Subscription Form <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51923 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
WP Agenda <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51924 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
EventPress <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51861 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
WP Listings Pro <= 3.0.14 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51903 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
WP PagSeguro Payments <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51847 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-52347 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
yPHPlista <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51805 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
活动链接推广插件 <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51814 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Cookie Nonsense for YT <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51933 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
HQ60 Fidelity Card <= 1.8 - Reflected Cross-Site Scripting CVE-2024-51713 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 4, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation