Wordfence Intelligence   >   Vulnerability Researchers   >   SOPROBRO

SOPROBRO

13
All Time Ranking
241
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 1-20 of 241 Vulnerabilities

Iconize <= 1.2.4 - Authenticated (Admin+) Remote Code Execution
7.2
CVE-2024-47649
Sep 30, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
RegistrationMagic <= 6.0.1.0 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE-2024-43317
Aug 16, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Simple Pricing Table <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51899
Nov 14, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Add Ribbon Shortcode <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51823
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Mobile Kiosk <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51829
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Advanced Video Player with Analytics <= 1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51824
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Adventure Bucket List <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51908
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51807
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Alert Me! <= 0.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51825
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Assist24 Help Desk <= 20150401.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51910
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
audioCase <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51909
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Awesome Fitness Testimonials <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51806
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Beacon For Help Scout <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51828
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Boombox Shortcode <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51827
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Bitcoin Payments <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51826
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Bg Patriarchia BU <= 2.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51799
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
BeBetter Social Icons <= 2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51880
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Bamboo Enquiries <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51859
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
AzonBox <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51931
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Awesome Tool Tip <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-52349
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Iconize <= 1.2.4 - Authenticated (Admin+) Remote Code Execution CVE-2024-47649 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H September 30, 2024
RegistrationMagic <= 6.0.1.0 - Unauthenticated Stored Cross-Site Scripting CVE-2024-43317 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N August 16, 2024
Simple Pricing Table <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51899 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 14, 2024
Add Ribbon Shortcode <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51823 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Mobile Kiosk <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51829 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Advanced Video Player with Analytics <= 1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51824 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Adventure Bucket List <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51908 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51807 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Alert Me! <= 0.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51825 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Assist24 Help Desk <= 20150401.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51910 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
audioCase <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51909 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Awesome Fitness Testimonials <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51806 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Beacon For Help Scout <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51828 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Boombox Shortcode <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51827 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Bitcoin Payments <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51826 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Bg Patriarchia BU <= 2.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51799 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
BeBetter Social Icons <= 2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51880 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Bamboo Enquiries <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51859 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
AzonBox <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51931 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Awesome Tool Tip <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-52349 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation