9
All Time Ranking
280
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

About

𝕯𝖎𝖘𝖙𝖚𝖗𝖇 𝖙𝖍𝖊 𝕻𝖊𝖆𝖈𝖊 // Darkness lurking below the surface?

Showing 261-280 of 280 Vulnerabilities

Title CVE ID CVSS Vector Date
Cooked – Recipe Management <= 1.7.15.4 - Cross-Site Request Forgery via cooked_get_recipe_ids CVE-2024-39678 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 17, 2024
PeproDev CF7 Database <= 1.8.0 - Cross-Site Request Forgery CVE-2023-41864 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 16, 2024
Favicon <= 1.3.29 - Cross-Site Request Forgery to Notice Dismissal CVE-2024-31422 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 10, 2024
Multiple Themes by KlbTheme <= (Various Versions) - Cross-Site Request Forgery CVE-2023-49838 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N December 7, 2023
NextGEN Gallery <= 3.37 - Cross-Site Request Forgery CVE-2023-48328 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N November 23, 2023
wpDiscuz <= 7.6.11 - Cross-Site Request Forgery CVE-2023-47775 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N November 14, 2023
FooGallery <= 2.2.44 - Cross-Site Request Forgery CVE-2023-44233 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 29, 2023
Rate my Post - WP Rating System <= 3.4.1 - Insecure Direct Object Reference CVE-2023-49765 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N August 11, 2023
Oxygen < 4.4 - Cross-Site Request Forgery CVE-2022-46841 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 20, 2023
Accordions – Multiple Accordions or FAQs Builder <= 2.0.3 - Authenticated Arbitrary Options Update CVE-2022-38104 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N September 29, 2022
Popup Builder <= 4.1.0 - Cross-Site Request Forgery CVE-2022-32289 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N June 17, 2022
Private Messages For WordPress <= 2.1.10 - Cross-Site Request Forgery CVE-2022-29441 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N May 26, 2022
eRoom – Zoom Meetings & Webinar <= 1.3.8 - Cross-Site Request Forgery CVE-2022-25615 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 11, 2022
eRoom – Zoom Meetings & Webinar <= 1.3.7 - Cross-Site Request Forgery CVE-2022-25614 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 11, 2022
Yoo Slider plugin <= 2.0.0 - Cross-Site Request Forgery CVE-2022-27846 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N April 11, 2022
uListing <= 2.0.5 - Cross-Site Request Forgery leading to Settings Change CVE-2021-36878 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 27, 2021
Simple Event Planner plugin <= 1.5.4 - Cross-Site Scripting CVE-2022-25612 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N March 23, 2022
Countdown & Clock <= 2.3.2 - Pro Features Lock Bypass CVE-2022-29423 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N April 28, 2022
WP YouTube Lyte <= 1.7.15 - Authenticated (Admin+) Cross-Site Scripting CVE-2021-24419 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N May 3, 2021
tarteaucitron.js – Cookies legislation & GDPR (WordPress plugin) <= 1.6 - Cross-Site Scripting CVE-2021-36889 3.4 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N December 17, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation