9
All Time Ranking
280
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

About

𝕯𝖎𝖘𝖙𝖚𝖗𝖇 𝖙𝖍𝖊 𝕻𝖊𝖆𝖈𝖊 // Darkness lurking below the surface?

Showing 1-20 of 280 Vulnerabilities

Title CVE ID CVSS Vector Date
Cooked Pro < 1.8.0 - Unauthenticated Arbitrary File Upload CVE-2024-49291 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 15, 2024
Couponis Demo < 2.2 - Unauthenticated SQL Injection CVE-2023-49750 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H December 4, 2023
Adifier System < 3.1.4 - Unauthenticated SQL Injection CVE-2023-49752 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H December 4, 2023
Adifier System < 3.1.4 - Unauthenticated Local File Inclusion CVE-2023-49753 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H December 4, 2023
WPJobBoard <= 5.9.0 - Unauthenticated SQL Injection CVE-2023-36525 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 27, 2023
JS Help Desk <= 2.7.1 - Unauthenticated Arbitrary File Upload CVE-2022-46839 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 27, 2023
Shortcode Addons- with Visual Composer, Divi, Beaver Builder and Elementor Extension <= 3.0.2 - Unauthenticated Arbitrary Options Update CVE-2022-34487 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 30, 2022
Accordions – Multiple Accordions or FAQs Builder <= 2.0.2 - Unauthenticated Arbitrary Options Update CVE-2022-33198 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 30, 2022
Listing, Classified Ads & Business Directory – uListing <= 2.0.5 - Privilege Escalation CVE-2021-36879 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H July 27, 2021
Listing, Classified Ads & Business Directory – uListing <= 2.0.3 - Unauthenticated SQL Injection CVE-2021-36880 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H July 26, 2021
Bello - Directory & Listing <= 1.5.9 - Unauthenticated SQL Injection CVE-2021-24321 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 16, 2021
Goto - Tour & Travel WordPress Theme < 2.1 - SQL Injection CVE-2021-24314 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H April 26, 2021
Controlled Admin Access <= 1.5.1 - Improper Access Control & Privilege Escalation CVE-2021-24215 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 23, 2021
WPJobBoard <= 5.6.4 - SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H November 25, 2020
Nexos - Real Estate WordPress Theme <= 1.7 - SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 28, 2020
Travel Booking WordPress Theme < 2.8.4 - SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 23, 2020
Nexos - Real Estate WordPress Theme <= 1.7 - SQL Injection CVE-2020-15363 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 17, 2020
Selio - Real Estate Directory <= 1.1 - SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 8, 2019
JS Help Desk <= 2.7.1 - Missing Authorization to Plugin Settings Update CVE-2022-46838 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H January 27, 2023
Realia <= 1.4.0 - Arbitrary Post Deletion 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H October 15, 2020

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation