Rio Darmawan

Say thanks

245.7

XP

184

Reports

0

Reports, last 90 days

#3

19 Dec, 2025

Lvl 1

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
SAHU TikTok Pixel for E-Commerce<= 1.2.2 Cross Site Scripting (XSS)	N/A	5.9	Feb 23, 2023
WC Captcha<= 1.5 Cross Site Scripting (XSS)	N/A	5.9	Feb 4, 2023
Smart App Banner<= 1.1.3 Cross Site Scripting (XSS)	N/A	5.9	Jan 7, 2023
Triberr<= 4.1.1 Cross Site Scripting (XSS)	N/A	5.9	Jan 7, 2023
LeadSquared Suite<= 0.7.4 Cross Site Scripting (XSS)	N/A	5.9	Jan 7, 2023
Next Page<= 1.5.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 7, 2023
Simple Tweet<= 1.4.0.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 7, 2023
Scroll post excerpt<= 8.0 Cross Site Scripting (XSS)	N/A	5.9	Jan 7, 2023
Easy Testimonial Slider and Form<= 1.0.18 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
AGP Font Awesome Collection<= 3.2.4 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 4, 2023
WP Lightbox 2<= 3.0.6.5 Cross Site Scripting (XSS)	N/A	5.9	Feb 6, 2023
Constant Contact Forms by MailMunch<= 2.0.10 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 7, 2023
Hitsteps Web Analytics<= 5.86 Cross Site Scripting (XSS)	N/A	5.9	Jan 7, 2023
Open User Map<= 1.3.26 Cross Site Scripting (XSS)	N/A	5.9	Jan 9, 2023
Complete Open Graph<= 3.4.5 Cross Site Scripting (XSS)	N/A	5.9	Feb 7, 2023
WP Power Stats<= 2.2.3 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 9, 2023
WP Forms Puzzle Captcha<= 4.1 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 14, 2023
Post View Count<= 2.0 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 15, 2023
WP Adminify<= 3.1.7 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Popup contact form<= 7.1 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
The Awesome Feed – Custom Feed<= 2.2.5 Cross Site Scripting (XSS)	6.5	6.5	Jan 6, 2023
Social Metrics<= 2.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Blocks<= 1.6.42 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Mediavine Control Panel<= 2.10.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 10, 2023
Schema App Structured Data<= 1.23.1 Broken Access Control	10.6	5.3	Feb 9, 2023
Mang Board WP<= 1.8.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 9, 2023
Order Delivery Date for WP e-Commerce<= 1.2 Cross Site Scripting (XSS)	N/A	5.9	Feb 4, 2023
Order Delivery Date for WP e-Commerce<= 1.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 4, 2023
wpCentral<= 1.5.7 Cross Site Request Forgery (CSRF)	8.1	5.4	Feb 6, 2023
WP Custom Post Template<= 1.0 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 7, 2023
Outbound Link Manager<= 1.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 7, 2023
UniConsent Cookie Consent CMP for GDPR / CCPA<= 1.4.3 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Locations<= 4.0 Cross Site Scripting (XSS)	6.5	6.5	Jan 8, 2023
Swifty Bar, sticky bar by WPGens<= 1.2.10 Cross Site Scripting (XSS)	N/A	5.9	Jan 9, 2023
Insert Estimated Reading Time<= 1.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 8, 2023
Back To The Top Button<= 2.1.6 Cross Site Scripting (XSS)	N/A	5.9	Jan 8, 2023
publish post email notification<= 1.0.2.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 8, 2023
Responsive Gallery Grid<= 2.3.13 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 3, 2023
HollerBox<= 2.3.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 3, 2023
Better Elementor Addons<= 1.3.7 Broken Access Control	5.4	5.4	Feb 4, 2023
authLdap<= 2.6.0 Cross Site Scripting (XSS)	N/A	5.9	Feb 4, 2023
authLdap<= 2.5.8 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 4, 2023
Multi-column Tag Map<= 17.0.26 Broken Access Control	13	6.5	Feb 4, 2023
Remove/hide Author, Date, Category Like Entry-Meta<= 2.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 4, 2023
Snap Pixel<= 1.5.7 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
MakeStories (for Google Web Stories)<= 3.0.2 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 4, 2023
Easy Coming Soon<= 2.3 Cross Site Scripting (XSS)	N/A	5.9	Feb 1, 2023
Social Share Boost<= 4.5 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 6, 2023
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor<= 1.24.1 Cross Site Request Forgery (CSRF)	8.6	4.3	Feb 5, 2023
Landing Page Builder<= 1.5.1.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 3, 2023
Slimstat Analytics<= 5.0.8 Cross Site Scripting (XSS)	N/A	5.9	Feb 5, 2023
Fitness calculators plugin<= 2.0.8 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Schedule Posts Calendar<= 5.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
WxSync<= 2.8.0 Cross Site Scripting (XSS)	6.5	6.5	Jan 8, 2023
wSecure Lite<= 2.5 Cross Site Scripting (XSS)	N/A	5.9	Jan 8, 2023
Slider Carousel – Responsive Image Slider<= 1.5.1 Broken Access Control	10.6	5.3	Feb 1, 2023
Client Portal : SuiteDash Direct Login<= 1.7.7 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Post Affiliate Pro<= 1.26.9 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Audio Player with Playlist Ultimate<= 1.2.2 Cross Site Scripting (XSS)	6.5	6.5	Jan 6, 2023
WRC Pricing Tables<= 2.3.9 Cross Site Scripting (XSS)	N/A	5.9	Jan 4, 2023
Borderless<= 1.4.8 Cross Site Scripting (XSS)	N/A	5.9	Jan 3, 2023
Exifography<= 1.3.1 Cross Site Scripting (XSS)	N/A	5.9	Jan 8, 2023
wpShopGermany IT-RECHT KANZLEI<= 1.7 Cross Site Scripting (XSS)	N/A	5.9	Jan 9, 2023
Custom Field For WP Job Manager<= 1.1 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Social Share Boost<= 4.4 Cross Site Scripting (XSS)	N/A	5.9	Feb 6, 2023
oAuth Twitter Feed for Developers<= 2.3.0 Cross Site Scripting (XSS)	N/A	5.9	Feb 6, 2023
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent<= 2.2.5 CSV Injection	N/A	4	Jan 11, 2023
MojoPlug Slide Panel<= 1.1.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
Smoothscroller<= 1.0.0 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
breadcrumb simple<= 1.3 Cross Site Scripting (XSS)	N/A	5.9	Jan 8, 2023
Disable WordPress Update Notifications<= 2.4.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 3, 2023
Call Now Icon Animate<= 0.1.0 Cross Site Scripting (XSS)	N/A	5.9	Feb 3, 2023
Button Generator – easily Button Builder<= 2.3.5 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 7, 2023
UTM Tracker<= 1.3.1 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
Easy Admin Menu<= 1.3 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
MailChimp Subscribe Forms <= 4.0.9.1 Cross Site Scripting (XSS)	N/A	5.9	Jan 3, 2023
WP htaccess Control<= 3.5.1 Cross Site Scripting (XSS)	N/A	5.9	Feb 1, 2023
WP Register Profile With Shortcode<= 3.5.8 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
itemprop WP for SERP/SEO Rich snippets<= 3.5.201706131 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
DevBuddy Twitter Feed<= 4.0.0 Cross Site Scripting (XSS)	N/A	5.9	Jan 8, 2023
Easy Hide Login<= 1.0.7 Cross Site Scripting (XSS)	N/A	5.9	Feb 15, 2023
I Recommend This<= 3.8.3 Cross Site Scripting (XSS)	N/A	5.9	Jan 11, 2023
EZP Maintenance Mode<= 1.0.1 Cross Site Scripting (XSS)	N/A	5.9	Jan 11, 2023
SparkPost<= 3.2.5 Cross Site Scripting (XSS)	N/A	5.9	Jan 11, 2023
White Label Branding for Elementor Page Builder<= 1.0.2 Cross Site Scripting (XSS)	N/A	5.9	Jan 11, 2023
WP Original Media Path<= 2.4.0 Cross Site Scripting (XSS)	N/A	5.9	Jan 11, 2023
Panorama – WordPress Project Management Plugin<= 1.5 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
Semalt Blocker<= 1.1.3 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
Fantastic Content Protector Free<= 2.6 Broken Access Control	10.6	5.3	Feb 4, 2023
Newsletters<= 4.8.8 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 10, 2023
SimpleModal Contact Form (SMCF)<= 1.2.9 Cross Site Scripting (XSS)	N/A	5.9	Jan 9, 2023
Optin Forms<= 1.3.2 Cross Site Scripting (XSS)	N/A	5.9	Feb 1, 2023
Enhanced WP Contact Form<= 2.2.3 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
Premmerce Redirect Manager<= 1.0.10 Cross Site Request Forgery (CSRF)	N/A	4.3	Jan 10, 2023
Premmerce Redirect Manager<= 1.0.11 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
Custom More Link Complete<= 1.4.1 Cross Site Scripting (XSS)	N/A	5.9	Jan 10, 2023
Review Stream<= 1.6.5 Cross Site Scripting (XSS)	N/A	5.9	Jan 6, 2023
Pagination by BestWebSoft<= 1.2.2 Cross Site Scripting (XSS)	N/A	5.9	Feb 1, 2023
Team Member<= 4.4 Cross Site Scripting (XSS)	5.9	5.9	Jan 11, 2023
VigilanTor<= 1.3.10 Cross Site Scripting (XSS)	N/A	5.9	Jan 9, 2023

Report vulnerabilities to earn bounties and rewards!

Include pending