WPScanTeam

8
All Time Ranking
287
All Time Discoveries
0
90 Day Published Submissions
N/A
Last Published Submission

Showing 181-200 of 287 Vulnerabilities

Title CVE ID CVSS Vector Date
WooCommerce Affiliate Plugin – Coupon Affiliates <= 4.11.0.1 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 24, 2021
SMTP Mail <= 1.2.1 - SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H August 24, 2021
Jock on air now <= 5.6.1 - Cross-Site Request Forgery to Settings Update 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N August 18, 2021
Jock on air now <= 5.6.2 - Unauthenticated Stored Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N August 18, 2021
Jock on air now <= 5.6.1 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 18, 2021
Email Artillery (MASS EMAIL) <= 4.1 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 16, 2021
Post Carousel < 2.3.5 - Missing Capabilities Check 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L August 16, 2021
CBX Bookmark & Favorite <= 1.6.8 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 16, 2021
Email Artillery (MASS EMAIL) <= 4.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 16, 2021
Email Artillery (MASS EMAIL) <= 4.1 - Authenticated SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H August 16, 2021
Afterpay Gateway for WooCommerce <= 3.2.0 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 16, 2021
Amazon Auto Links <= 4.6.19 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 16, 2021
MWB Point of Sale (POS) for WooCommerce <= 1.0.0 - Missing Authorization 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L August 10, 2021
Two Factor Authentication (2FA , MFA, OTP SMS and Email) <= 1.0.7 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 10, 2021
miniOrange's Google Authenticator <= 5.4.39 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 10, 2021
Clean Login 1.12.6.3 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 9, 2021
Migration, Backup, Staging – WPvivid <= 0.9.55 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 9, 2021
Form Builder | Create Responsive Contact Forms <= 1.9.8.4 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 9, 2021
Tutor LMS <= 1.9.5 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 9, 2021
SpeakOut! Email Petitions <= 2.13.1.1 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 9, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation