SOPROBRO

12
All Time Ranking
247
All Time Discoveries
6
90 Day Published Submissions
20 Nov '24
Last Published Submission
Submitted 5 Vulnerabilities
Submitted 5 Vulnerabilities
November 20, 2024
Submitted 1 Vulnerability
Submitted 1 Vulnerability
November 20, 2024
Submitted XSS Vulnerability
Submitted XSS Vulnerability
November 20, 2024

Showing 1-20 of 247 Vulnerabilities

Title CVE ID CVSS Vector Date
Iconize <= 1.2.4 - Authenticated (Admin+) Remote Code Execution CVE-2024-47649 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H September 30, 2024
RegistrationMagic <= 6.0.1.0 - Unauthenticated Stored Cross-Site Scripting CVE-2024-43317 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N August 16, 2024
RecipePress Reloaded <= 2.12.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-11414 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 20, 2024
Shine PDF Embeder <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-11412 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 20, 2024
Dino Game – Embed Google Chrome Dinosaur Game in WordPress <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-11388 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 20, 2024
Pure CSS Circle Progress bar <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-11385 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 20, 2024
Simple Pricing Table <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51899 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 14, 2024
Alert Me! <= 0.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51825 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Advanced Video Player with Analytics <= 1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51824 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Assist24 Help Desk <= 20150401.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51910 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
audioCase <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51909 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Awesome Fitness Testimonials <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51806 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Awesome Tool Tip <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-52349 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
AzonBox <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51931 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Bamboo Enquiries <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51859 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Bitcoin Payments <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51826 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Bread & Butter <= 7.4.857 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51802 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Brand my Footer <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51801 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Boombox Shortcode <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51827 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
BeBetter Social Icons <= 2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51880 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation