Wordfence Intelligence   >   Vulnerability Researchers   >   stealthcopter

stealthcopter

5
All Time Ranking
373
All Time Discoveries
22
90 Day Published Submissions
19 Nov '24
Last Published Submission

10 Achievements

Learn more about Achievements
Submitted 200 Vulnerabilities
Submitted 200 Vulnerabilities
October 16, 2024
Submitted XSS Vulnerability
Submitted XSS Vulnerability
September 4, 2024
Submitted 100 Vulnerabilities
Submitted 100 Vulnerabilities
June 5, 2024
Submitted 75 Vulnerabilities
Submitted 75 Vulnerabilities
May 21, 2024
Submitted 50 Vulnerabilities
Submitted 50 Vulnerabilities
May 9, 2024
Submitted 25 Vulnerabilities
Submitted 25 Vulnerabilities
April 19, 2024
1337 Vulnerability Researcher
1337 Vulnerability Researcher
April 18, 2024
Submitted 10 Vulnerabilities
Submitted 10 Vulnerabilities
March 8, 2024
Submitted 5 Vulnerabilities
Submitted 5 Vulnerabilities
February 20, 2024
Submitted 1 Vulnerability
Submitted 1 Vulnerability
January 22, 2024
Learn more Learn more about Achievements

Showing 21-40 of 373 Vulnerabilities

Computer Repair Shop <= 3.8115 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-51793
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Stacks Mobile App Builder <= 5.2.3 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50527
Oct 30, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
All Post Contact Form <= 1.7.8 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50523
Oct 30, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Plug your WooCommerce into the largest catalog of customized print products from Helloprint <= 2.0.2 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50525
Oct 30, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
RSVPMaker for Toastmasters <= 6.2.4 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50531
Oct 30, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Multi Purpose Mail Form <= 1.0.2 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50526
Oct 30, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
MaanStore API <= 1.0.1 - Authentication Bypass via Account Takeover
9.8
CVE-2024-50487
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Plugin Propagator <= 0.1 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50495
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Advanced Online Ordering and Delivery Platform <= 2.0.0 - Unauthenticated Local File Inclusion
9.8
CVE-2024-50497
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Acnoo Flutter API <= 1.0.5 - Authentication Bypass via Account Takeover
9.8
CVE-2024-50486
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
WP Query Console <= 1.0 - Unauthenticated Remote Code Execution
9.8
CVE-2024-50498
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Sudan Payment Gateway for WooCommerce <= 1.2.2 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50494
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Stacks Mobile App Builder <= 5.2.3 - Authentication Bypass via Account Takeover
9.8
CVE-2024-50477
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1-Click Login: Passwordless Authentication 1.4.5 - Authentication Bypass via Account Takeover
9.8
CVE-2024-50478
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Automatic Translation <= 1.0.4 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50493
Oct 25, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
aDirectory <= 1.3 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-50420
Oct 24, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Woocommerce Custom Profile Picture <= 1.0 - Authenticated (Subscriber+) Arbitrary File Upload
9.8
CVE-2024-49658
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Verbalize WP <= 1.0 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-49668
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Portfolleo <= 1.2 - Authenticated (Subscriber+) Arbitrary File Upload
9.8
CVE-2024-49653
Oct 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Product Website Showcase <= 1.0 - Unauthenticated Arbitrary File Upload
9.8
CVE-2024-49611
Oct 17, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Title CVE ID CVSS Vector Date
Computer Repair Shop <= 3.8115 - Unauthenticated Arbitrary File Upload CVE-2024-51793 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H November 8, 2024
Stacks Mobile App Builder <= 5.2.3 - Unauthenticated Arbitrary File Upload CVE-2024-50527 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 30, 2024
All Post Contact Form <= 1.7.8 - Unauthenticated Arbitrary File Upload CVE-2024-50523 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 30, 2024
Plug your WooCommerce into the largest catalog of customized print products from Helloprint <= 2.0.2 - Unauthenticated Arbitrary File Upload CVE-2024-50525 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 30, 2024
RSVPMaker for Toastmasters <= 6.2.4 - Unauthenticated Arbitrary File Upload CVE-2024-50531 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 30, 2024
Multi Purpose Mail Form <= 1.0.2 - Unauthenticated Arbitrary File Upload CVE-2024-50526 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 30, 2024
MaanStore API <= 1.0.1 - Authentication Bypass via Account Takeover CVE-2024-50487 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
Plugin Propagator <= 0.1 - Unauthenticated Arbitrary File Upload CVE-2024-50495 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
Advanced Online Ordering and Delivery Platform <= 2.0.0 - Unauthenticated Local File Inclusion CVE-2024-50497 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
Acnoo Flutter API <= 1.0.5 - Authentication Bypass via Account Takeover CVE-2024-50486 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
WP Query Console <= 1.0 - Unauthenticated Remote Code Execution CVE-2024-50498 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
Sudan Payment Gateway for WooCommerce <= 1.2.2 - Unauthenticated Arbitrary File Upload CVE-2024-50494 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
Stacks Mobile App Builder <= 5.2.3 - Authentication Bypass via Account Takeover CVE-2024-50477 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
1-Click Login: Passwordless Authentication 1.4.5 - Authentication Bypass via Account Takeover CVE-2024-50478 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
Automatic Translation <= 1.0.4 - Unauthenticated Arbitrary File Upload CVE-2024-50493 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 25, 2024
aDirectory <= 1.3 - Unauthenticated Arbitrary File Upload CVE-2024-50420 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 24, 2024
Woocommerce Custom Profile Picture <= 1.0 - Authenticated (Subscriber+) Arbitrary File Upload CVE-2024-49658 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 21, 2024
Verbalize WP <= 1.0 - Unauthenticated Arbitrary File Upload CVE-2024-49668 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 21, 2024
Portfolleo <= 1.2 - Authenticated (Subscriber+) Arbitrary File Upload CVE-2024-49653 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 21, 2024
Product Website Showcase <= 1.0 - Unauthenticated Arbitrary File Upload CVE-2024-49611 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 17, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation