Wordfence Intelligence   >   Vulnerability Researchers   >   RE-ALTER

RE-ALTER

9
All Time Ranking
280
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

About

𝕯𝖎𝖘𝖙𝖚𝖗𝖇 𝖙𝖍𝖊 𝕻𝖊𝖆𝖈𝖊 // Darkness lurking below the surface?

Showing 201-220 of 280 Vulnerabilities

Analytics Cat – Google Analytics Made Easy <= 1.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting
5.5
CVE-2022-40311
Sep 29, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Accordions – Multiple Accordions or FAQs Builder <= 2.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting in post_oxi_settings function
5.5
CVE-2022-45082
Sep 29, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Accordions – Multiple Accordions or FAQs Builder <= 2.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting via 'pages' parameter
5.5
CVE-2022-45082
Sep 29, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Accordions – Multiple Accordions or FAQs Builder <= 2.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting via 'license' parameter
5.5
CVE-2022-45082
Sep 29, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
WP Maintenance <= 6.0.7 - Authenticated (Admin+) Cross-Site Scripting
5.5
CVE-2022-30536
Jun 28, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
wpDataTables <= 2.1.27 - Authenticated Cross-Site Scripting
5.5
CVE-2022-29432
May 6, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Night Mode <= 1.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting
5.5
CVE-2022-29418
Apr 25, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Shield Security <= 13.0.5 - Admin+ Stored Cross-Site Scripting
5.5
CVE-2022-0211
Jan 19, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Backup Migration <= 1.1.5 - Authenticated (Admin+) Stored Cross-Site Scripting
5.5
CVE-2021-36884
Nov 17, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Download Monitor <= 4.4.6 - Authenticated (Admin+) Stored Cross-Site Scripting
5.5
CVE-2021-23174
Oct 29, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
WordPress iQ Block Country <= 1.2.11 - Authenticated Stored Cross-Site Scripting
5.5
CVE-2021-36873
Sep 22, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
WP Google Maps Pro <= 8.1.11 - Authenticated Stored Cross-Site Scripting
5.5
CVE-2021-36871
Sep 8, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
WordPress Popular Posts <= 5.3.3 - Authenticated (Admin+) Stored Cross-Site Scripting
5.5
CVE-2021-36872
Jul 4, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Async Javascript <= 2.20.12.09 - Authenticated (Admin+) Cross-Site Scripting
5.5
CVE ID Unknown
Jun 13, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
WP Reset <= 1.86 - Authenticated Stored Cross-Site Scripting via extra_data Parameter
5.5
CVE-2021-24424
May 26, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Related Posts for WordPress <= 2.0.4 - Stored Cross-Site Scripting
5.5
CVE-2021-24482
May 17, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Autoptimize <= 2.8.3 - Stored Cross-Site Scripting
5.5
CVE-2021-24332
May 7, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
WP DoNotTrack <= 0.8.8 - Authenticated (Admin+) Stored Cross-Site Scripting
5.5
CVE ID Unknown
May 3, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Rss for Yandex Turbo <= 1.30 - Admin+ Stored Cross-Site Scripting
5.5
CVE-2021-24428
Apr 23, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Cooked – Recipe Management <= 1.7.15.4 - Cross-Site Request Forgery to Template Apply
5.4
CVE-2024-39681
Jul 17, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Title CVE ID CVSS Vector Date
Analytics Cat – Google Analytics Made Easy <= 1.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2022-40311 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N September 29, 2022
Accordions – Multiple Accordions or FAQs Builder <= 2.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting in post_oxi_settings function CVE-2022-45082 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N September 29, 2022
Accordions – Multiple Accordions or FAQs Builder <= 2.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting via 'pages' parameter CVE-2022-45082 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N September 29, 2022
Accordions – Multiple Accordions or FAQs Builder <= 2.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting via 'license' parameter CVE-2022-45082 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N September 29, 2022
WP Maintenance <= 6.0.7 - Authenticated (Admin+) Cross-Site Scripting CVE-2022-30536 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N June 28, 2022
wpDataTables <= 2.1.27 - Authenticated Cross-Site Scripting CVE-2022-29432 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N May 6, 2022
Night Mode <= 1.0.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2022-29418 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N April 25, 2022
Shield Security <= 13.0.5 - Admin+ Stored Cross-Site Scripting CVE-2022-0211 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N January 19, 2022
Backup Migration <= 1.1.5 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2021-36884 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N November 17, 2021
Download Monitor <= 4.4.6 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2021-23174 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N October 29, 2021
WordPress iQ Block Country <= 1.2.11 - Authenticated Stored Cross-Site Scripting CVE-2021-36873 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N September 22, 2021
WP Google Maps Pro <= 8.1.11 - Authenticated Stored Cross-Site Scripting CVE-2021-36871 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N September 8, 2021
WordPress Popular Posts <= 5.3.3 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2021-36872 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N July 4, 2021
Async Javascript <= 2.20.12.09 - Authenticated (Admin+) Cross-Site Scripting 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N June 13, 2021
WP Reset <= 1.86 - Authenticated Stored Cross-Site Scripting via extra_data Parameter CVE-2021-24424 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N May 26, 2021
Related Posts for WordPress <= 2.0.4 - Stored Cross-Site Scripting CVE-2021-24482 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N May 17, 2021
Autoptimize <= 2.8.3 - Stored Cross-Site Scripting CVE-2021-24332 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N May 7, 2021
WP DoNotTrack <= 0.8.8 - Authenticated (Admin+) Stored Cross-Site Scripting 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N May 3, 2021
Rss for Yandex Turbo <= 1.30 - Admin+ Stored Cross-Site Scripting CVE-2021-24428 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N April 23, 2021
Cooked – Recipe Management <= 1.7.15.4 - Cross-Site Request Forgery to Template Apply CVE-2024-39681 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L July 17, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation