Alliance bounty program
About Alliance Leaderboard Vulnerability database WordPress security
Login

Nguyen Anh Tien

0
0
0
0
Twitter Github Website
28 November, 2022
Nguyen Anh Tien
Alliance XP
625.7
Contributions
53
Contributions 53
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+14 AXP

7.3

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+13 AXP

6.5

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+8 AXP

4.3

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+75 AXP

7.5

Pending

████

███████ █████ ████████████████████████████████████████████████████████

+31 AXP

5.3

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+111 AXP

9.3

Pending

Plugin

WPvivid Backup and Migration <= 0.9.90 Privilege Escalation on Staging Environment vulnerability

+66 AXP

8.8

13 September, 2023

Plugin

Carousel Slider <= 2.2.2 Broken Access Control vulnerability

+21.2 AXP

5.3

5 September, 2023

Plugin

Simple Giveaways <= 2.46.0 Broken Access Control vulnerability

+5.3 AXP

5.3

4 July, 2023

Plugin

Download Monitor <= 4.8.3 Arbitrary File Upload vulnerability

+79.2 AXP

9.9

13 June, 2023

Plugin

Leyka <= 3.30.2 Privilege Escalation vulnerability

+13.2 AXP

8.8

22 May, 2023

Plugin

Link Whisper Free <= 0.6.3 Unauthenticated Broken Access Control vulnerability

+13 AXP

6.5

9 May, 2023

Plugin

Easy Digital Downloads 3.1 - 3.1.1.4.1 3.1.1.4.1 Unauthenticated Privilege Escalation Vulnerability

+58.8 AXP

9.8

1 May, 2023

Plugin

If Menu <= 0.16.3 Broken Access Control

+39 AXP

6.5

22 March, 2023

Plugin

WordPress Email Marketing Plugin – WP Email Capture <= 3.10 Sensitive Data Exposure vulnerability

+10.6 AXP

5.3

15 March, 2023

Plugin

WP-RecentComments <= 2.2.7 RecentComments plugin <= 2.2.7 Broken Access Control vulnerability

+5.4 AXP

5.4

20 February, 2023

Plugin

Auto Affiliate Links <= 6.2.1.5 Unauth. Broken Access Control vulnerability

+6.5 AXP

6.5

6 February, 2023

Plugin

WordPress Form Builder Plugin – Gutenberg Forms <= 2.2.8.3 Auth. Broken Access Control vulnerability

+6.5 AXP

6.5

6 February, 2023

Plugin

Analytify <= 4.2.3 Google Analytics Dashboard plugin <= 4.2.3 Privilege Escalation vulnerability

+19.5 AXP

6.5

29 December, 2022

Plugin

Robo Gallery <= 3.2.9 Auth. Broken Access Control vulnerability

+16.2 AXP

5.4

14 December, 2022

Plugin

Post Teaser <= 4.1.5 Auth. Broken Access Control vulnerability

+5.4 AXP

5.4

2 December, 2022

Plugin

Afterpay Gateway for WooCommerce <= 3.5.0 Unauth. Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

4.7

1 December, 2022

Plugin

Better Click To Tweet <= 5.10.3 Unauth. Broken Access Control vulnerability

+5.3 AXP

5.3

28 November, 2022

Plugin

WP-FormAssembly <= 2.0.5 FormAssembly plugin <= 2.0.5 Auth. Arbitrary File Read vulnerability

+0 AXP

6.5

23 November, 2022

Plugin

Plugin for Google Reviews <= 2.2.2 Auth. Broken Access Control vulnerability

4.3

18 November, 2022

Plugin

WooSwipe WooCommerce Gallery <= 3.0.2 Auth. Broken Access Control vulnerability

+0 AXP

5.4

17 November, 2022

Plugin

ULTIMATE TABLES <= 1.6.5 Unauth. Reflected CrossSite Scripting (XSS) vulnerability

6.1

17 November, 2022

Plugin

LoginPress <= 1.6.2 Broken Access Control vulnerability

5.3

7 November, 2022

Plugin

Permalink Manager Lite <= 2.2.20 Broken Access Control vulnerability

6.5

1 November, 2022

Plugin

Subscribe to Category <= 2.7.4 Auth. Broken Access Control vulnerability

+0 AXP

4.3

31 October, 2022

Plugin

Modula Image Gallery <= 2.6.9 Unauth. Plugin Settings Change vulnerability

6.5

28 October, 2022

Plugin

Advanced Floating Content <= 1.2.1 Multiple Auth. CrossSite Scripting (XSS) vulnerabilities

4.1

24 October, 2022

Plugin

Welcart e-Commerce <= 2.7.7 Unauth. Directory Traversal vulnerability

7.5

20 October, 2022

Plugin

WordPress Importer <= 1.0.2 Reflected CrossSite Scripting (XSS) vulnerability

6.1

11 October, 2022

Plugin

CRM Perks Forms <= 1.1.0 Reflected CrossSite Scripting (XSS) vulnerability

6.1

30 September, 2022

Plugin

FontMeister <= 1.08 Reflected CrossSite Scripting (XSS) vulnerability

6.1

23 September, 2022

Plugin

Photospace Gallery <= 2.3.5 Broken Access Control vulnerability

5.4

12 September, 2022

Plugin

Pop-up <= 1.1.5 up plugin <= 1.1.5 Privilege Escalation vulnerability

5.4

2 September, 2022

Plugin

ActiveDEMAND <= 0.2.27 Broken Authentication vulnerability

6.5

2 August, 2022

Plugin

GS Testimonial Slider <= 1.9.5 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

27 July, 2022

Plugin

Custom Product Tabs for WooCommerce <= 1.7.7 Broken Access Control vulnerability leading to &yikesthecontenttoggle option update

5.3

28 June, 2022

Plugin

Images Slideshow by 2J <= 1.3.54 Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

7.1

4 May, 2022

Plugin

Ravpage <= 2.27 Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability

6.1

28 April, 2022

Plugin

ShortPixel Adaptive Images <= 3.3.1 Subscriber+ Plugin Settings Update vulnerability

4.3

25 April, 2022

Plugin

FV Flowplayer Video Player <= 7.5.15.727 SQL Injection (SQLi) vulnerability

6.6

18 March, 2022

Plugin

Accelerated Mobile Pages <= 1.0.77.31 Authenticated Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.8

11 December, 2021

Plugin

Ivory Search <= 4.6.6 Reflected CrossSite Scripting (XSS) vulnerability

4.8

1 October, 2021

Plugin

Testimonial Rotator <= 3.0.3 Authenticated Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

6.5

19 February, 2021

Plugin

Ivory Search <= 4.5.10 Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

7.1

1 February, 2021

Plugin

Constant Contact Forms <= 1.8.7 Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities

+0 AXP

5.5

6 September, 2020

Plugin

WP Customer Reviews <= 3.4.2 Multiple Unauthenticated and Low Privilege Authenticated Stored XSS vulnerabilities

20 August, 2020

Plugin

Blog2Social <= 6.3.0 Authenticated SQL Injection (SQLi) vulnerability

+0 AXP

8.5

9 June, 2020

Plugin

AdRotate Banner Manager <= 5.8.3 Authenticated SQL Injection (SQLi) vulnerability

+0 AXP

7.6

3 June, 2020

Back to top

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

DPA Privacy Policy Terms & Conditions © 2023 Patchstack

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close