9
All Time Ranking
280
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

About

𝕯𝖎𝖘𝖙𝖚𝖗𝖇 𝖙𝖍𝖊 𝕻𝖊𝖆𝖈𝖊 // Darkness lurking below the surface?

Showing 141-160 of 280 Vulnerabilities

Title CVE ID CVSS Vector Date
Responsive Contact Form Builder & Lead Generation Plugin < 1.7.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2022-23179 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N January 5, 2022
tarteaucitron.js – Cookies legislation & GDPR (WordPress plugin) <= 1.6 - Cross-Site Scripting CVE-2021-36889 3.4 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N December 17, 2021
Awesome Support – WordPress HelpDesk & Support Plugin <= 6.0.6 - Reflected Cross-Site Scripting CVE-2021-36919 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 26, 2021
Backup Migration <= 1.1.5 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2021-36884 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N November 17, 2021
Contact Form 7 Database Addon – CFDB7 plugin <= 1.2.5.9 - Cross-Site Request Forgery CVE-2021-36886 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N November 12, 2021
Contact Form 7 Database Addon – CFDB7 <= 1.2.6.1 - Unauthenticated Stored Cross-Site Scripting CVE-2021-36885 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 12, 2021
Email Tracker <= 5.2.6 - Cross-Site Request Forgery CVE-2021-44777 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L November 1, 2021
Download Monitor <= 4.4.6 - Authenticated (Admin+) Arbitrary File Download CVE-2021-31567 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N October 29, 2021
Download Monitor <= 4.4.6 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2021-23174 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N October 29, 2021
YITH Maintenance Mode <= 1.3.8 - Multiple Authenticated Stored Cross-Site Scripting CVE-2021-36845 6.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N September 23, 2021
WordPress iQ Block Country <= 1.2.11 - Authenticated Stored Cross-Site Scripting CVE-2021-36873 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N September 22, 2021
WP Google Maps Pro <= 8.1.11 - Authenticated Stored Cross-Site Scripting CVE-2021-36871 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N September 8, 2021
WP Statistics <= 13.0.9 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 30, 2021
Listing, Classified Ads & Business Directory – uListing <= 2.0.5 - Privilege Escalation CVE-2021-36879 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H July 27, 2021
uListing <= 2.0.5 - Cross-Site Request Forgery leading to Settings Change CVE-2021-36878 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N July 27, 2021
Listing, Classified Ads & Business Directory – uListing <= 2.0.5 - Cross-Site Request Forgery CVE-2021-36877 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N July 27, 2021
Listing, Classified Ads & Business Directory – uListing <= 2.0.5 - Cross-Site Request Forgery CVE-2021-36876 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N July 27, 2021
Listing, Classified Ads & Business Directory – uListing <= 2.0.5 - Reflected Cross-Site Scripting CVE-2021-36875 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N July 27, 2021
uListing plugin <= 2.0.5 - Authenticated Insecure Direct Object References (IDOR) CVE-2021-36874 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L July 27, 2021
Listing, Classified Ads & Business Directory – uListing <= 2.0.3 - Unauthenticated SQL Injection CVE-2021-36880 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H July 26, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation