Wordfence Intelligence   >   Vulnerability Researchers   >   RE-ALTER

RE-ALTER

9
All Time Ranking
280
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

About

𝕯𝖎𝖘𝖙𝖚𝖗𝖇 𝖙𝖍𝖊 𝕻𝖊𝖆𝖈𝖊 // Darkness lurking below the surface?

Showing 41-60 of 280 Vulnerabilities

Affiliate For WooCommerce premium <= 4.7.0 - Authenticated Insecure Direct Object Reference
7.5
CVE-2022-36284
Aug 1, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CarSpot – Dealership Wordpress Classified Theme <= 2.2.3 - Insecure Direct Object Reference
7.5
CVE ID Unknown
Jan 27, 2020
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CTHthemes CityBook < 2.3.4, TownHub < 1.0.6, EasyBook < 1.2.2 Themes - Authenticated Post Deleition via IDOR
7.5
CVE-2019-20209
Dec 27, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Extensions For CF7 <= 3.0.6 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE-2024-29102
Mar 15, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
wpDiscuz <= 7.6.11 - Unauthenticated Stored Cross-Site Scripting via Comment Uploaded Image Filename
7.2
CVE-2023-47185
Oct 31, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Form Maker by 10Web <= 1.15.18 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE-2023-45071
Oct 3, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
FooGallery <= 2.2.44 - Reflected Cross-Site Scripting
7.2
CVE-2023-44244
Sep 29, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
PeproDev CF7 Database <= 1.7.0 - Unauthenticated Stored Cross-Site Scripting via form submission
7.2
CVE-2023-41863
Sep 5, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Simple Membership <= 4.3.5 - Reflected Cross-Site Scripting
7.2
CVE-2023-4719
Sep 5, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Real Estate 7 Theme <= 3.3.1 - Stored Cross-Site Scripting
7.2
CVE-2022-47146
Feb 20, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Monolit <= 2.0.6 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE-2023-25041
Feb 6, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Image Hover Effects Ultimate <= 9.7.1 - Authenticated (Admin+) Arbitrary Options Update
7.2
CVE-2022-42459
Oct 25, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Quiz And Survey Master <= 7.3.4 - Authenticated (Administrator+) SQL Injection
7.2
CVE-2021-36898
Oct 21, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Tabs <= 3.7.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
7.2
CVE-2022-40215
Sep 22, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Awesome Support <= 6.0.7 - Authenticated Stored Cross-Site Scripting
7.2
CVE-2022-38073
Sep 14, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
WPide <= 2.6 - Authenticated (Administrator+) Arbitrary File Upload
7.2
CVE-2022-40217
Aug 9, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Tabs – Responsive Tabs with WooCommerce Product Tab Extension <= 3.6.0 - Authenticated (Admin+) Arbitrary Options Update
7.2
CVE-2022-36375
Jul 26, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Shortcode Addons- with Visual Composer, Divi, Beaver Builder and Elementor Extension <= 3.1.2 - Authenticated Arbitrary Options Update
7.2
CVE-2022-33970
Jul 25, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Flipbox – Awesomes Flip Boxes Image Overlay <= 2.6.0 - Authenticated (Admin+) Arbitrary Options Update
7.2
CVE-2022-33969
Jul 25, 2022
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Contact Form Submissions <= 1.7.2 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE-2022-0248
Feb 21, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Affiliate For WooCommerce premium <= 4.7.0 - Authenticated Insecure Direct Object Reference CVE-2022-36284 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N August 1, 2022
CarSpot – Dealership Wordpress Classified Theme <= 2.2.3 - Insecure Direct Object Reference 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H January 27, 2020
CTHthemes CityBook < 2.3.4, TownHub < 1.0.6, EasyBook < 1.2.2 Themes - Authenticated Post Deleition via IDOR CVE-2019-20209 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N December 27, 2019
Extensions For CF7 <= 3.0.6 - Unauthenticated Stored Cross-Site Scripting CVE-2024-29102 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N March 15, 2024
wpDiscuz <= 7.6.11 - Unauthenticated Stored Cross-Site Scripting via Comment Uploaded Image Filename CVE-2023-47185 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N October 31, 2023
Form Maker by 10Web <= 1.15.18 - Unauthenticated Stored Cross-Site Scripting CVE-2023-45071 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N October 3, 2023
FooGallery <= 2.2.44 - Reflected Cross-Site Scripting CVE-2023-44244 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N September 29, 2023
PeproDev CF7 Database <= 1.7.0 - Unauthenticated Stored Cross-Site Scripting via form submission CVE-2023-41863 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Simple Membership <= 4.3.5 - Reflected Cross-Site Scripting CVE-2023-4719 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Real Estate 7 Theme <= 3.3.1 - Stored Cross-Site Scripting CVE-2022-47146 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N February 20, 2023
Monolit <= 2.0.6 - Unauthenticated Stored Cross-Site Scripting CVE-2023-25041 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N February 6, 2023
Image Hover Effects Ultimate <= 9.7.1 - Authenticated (Admin+) Arbitrary Options Update CVE-2022-42459 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 25, 2022
Quiz And Survey Master <= 7.3.4 - Authenticated (Administrator+) SQL Injection CVE-2021-36898 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 21, 2022
Tabs <= 3.7.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2022-40215 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H September 22, 2022
Awesome Support <= 6.0.7 - Authenticated Stored Cross-Site Scripting CVE-2022-38073 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N September 14, 2022
WPide <= 2.6 - Authenticated (Administrator+) Arbitrary File Upload CVE-2022-40217 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H August 9, 2022
Tabs – Responsive Tabs with WooCommerce Product Tab Extension <= 3.6.0 - Authenticated (Admin+) Arbitrary Options Update CVE-2022-36375 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H July 26, 2022
Shortcode Addons- with Visual Composer, Divi, Beaver Builder and Elementor Extension <= 3.1.2 - Authenticated Arbitrary Options Update CVE-2022-33970 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H July 25, 2022
Flipbox – Awesomes Flip Boxes Image Overlay <= 2.6.0 - Authenticated (Admin+) Arbitrary Options Update CVE-2022-33969 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H July 25, 2022
Contact Form Submissions <= 1.7.2 - Unauthenticated Stored Cross-Site Scripting CVE-2022-0248 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N February 21, 2022

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation