About Alliance Leaderboard Vulnerability database WordPress security
Login

Nguyen Anh Tien

0
0
0
0
Nguyen Anh Tien
Alliance XP
625.7
Contributions
53
Contributions 53
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+14 AXP

7.3

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+13 AXP

6.5

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+8 AXP

4.3

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+75 AXP

7.5

Pending

████

███████ █████ ████████████████████████████████████████████████████████

+31 AXP

5.3

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+111 AXP

9.3

Pending

Plugin

WPvivid Backup and Migration <= 0.9.90 Privilege Escalation on Staging Environment vulnerability

+66 AXP

8.8

13 September, 2023

Plugin

Carousel Slider <= 2.2.2 Broken Access Control vulnerability

+21.2 AXP

5.3

5 September, 2023

Plugin

Simple Giveaways <= 2.46.0 Broken Access Control vulnerability

+5.3 AXP

5.3

4 July, 2023

Plugin

Download Monitor <= 4.8.3 Arbitrary File Upload vulnerability

+79.2 AXP

9.9

13 June, 2023

Plugin

Leyka <= 3.30.2 Privilege Escalation vulnerability

+13.2 AXP

8.8

22 May, 2023

Plugin

Link Whisper Free <= 0.6.3 Unauthenticated Broken Access Control vulnerability

+13 AXP

6.5

9 May, 2023

Plugin

Easy Digital Downloads 3.1 - 3.1.1.4.1 3.1.1.4.1 Unauthenticated Privilege Escalation Vulnerability

+58.8 AXP

9.8

1 May, 2023

Plugin

If Menu <= 0.16.3 Broken Access Control

+39 AXP

6.5

22 March, 2023

Plugin

WordPress Email Marketing Plugin – WP Email Capture <= 3.10 Sensitive Data Exposure vulnerability

+10.6 AXP

5.3

15 March, 2023

Plugin

WP-RecentComments <= 2.2.7 RecentComments plugin <= 2.2.7 Broken Access Control vulnerability

+5.4 AXP

5.4

20 February, 2023

Plugin

Auto Affiliate Links <= 6.2.1.5 Unauth. Broken Access Control vulnerability

+6.5 AXP

6.5

6 February, 2023

Plugin

WordPress Form Builder Plugin – Gutenberg Forms <= 2.2.8.3 Auth. Broken Access Control vulnerability

+6.5 AXP

6.5

6 February, 2023

Plugin

Analytify <= 4.2.3 Google Analytics Dashboard plugin <= 4.2.3 Privilege Escalation vulnerability

+19.5 AXP

6.5

29 December, 2022

Plugin

Robo Gallery <= 3.2.9 Auth. Broken Access Control vulnerability

+16.2 AXP

5.4

14 December, 2022

Plugin

Post Teaser <= 4.1.5 Auth. Broken Access Control vulnerability

+5.4 AXP

5.4

2 December, 2022

Plugin

Afterpay Gateway for WooCommerce <= 3.5.0 Unauth. Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

4.7

1 December, 2022

Plugin

Better Click To Tweet <= 5.10.3 Unauth. Broken Access Control vulnerability

+5.3 AXP

5.3

28 November, 2022

Plugin

WP-FormAssembly <= 2.0.5 FormAssembly plugin <= 2.0.5 Auth. Arbitrary File Read vulnerability

+0 AXP

6.5

23 November, 2022

Plugin

Plugin for Google Reviews <= 2.2.2 Auth. Broken Access Control vulnerability

4.3

18 November, 2022

Plugin

WooSwipe WooCommerce Gallery <= 3.0.2 Auth. Broken Access Control vulnerability

+0 AXP

5.4

17 November, 2022

Plugin

ULTIMATE TABLES <= 1.6.5 Unauth. Reflected CrossSite Scripting (XSS) vulnerability

6.1

17 November, 2022

Plugin

LoginPress <= 1.6.2 Broken Access Control vulnerability

5.3

7 November, 2022

Plugin

Permalink Manager Lite <= 2.2.20 Broken Access Control vulnerability

6.5

1 November, 2022

Plugin

Subscribe to Category <= 2.7.4 Auth. Broken Access Control vulnerability

+0 AXP

4.3

31 October, 2022

Plugin

Modula Image Gallery <= 2.6.9 Unauth. Plugin Settings Change vulnerability

6.5

28 October, 2022

Plugin

Advanced Floating Content <= 1.2.1 Multiple Auth. CrossSite Scripting (XSS) vulnerabilities

4.1

24 October, 2022

Plugin

Welcart e-Commerce <= 2.7.7 Unauth. Directory Traversal vulnerability

7.5

20 October, 2022

Plugin

WordPress Importer <= 1.0.2 Reflected CrossSite Scripting (XSS) vulnerability

6.1

11 October, 2022

Plugin

CRM Perks Forms <= 1.1.0 Reflected CrossSite Scripting (XSS) vulnerability

6.1

30 September, 2022

Plugin

FontMeister <= 1.08 Reflected CrossSite Scripting (XSS) vulnerability

6.1

23 September, 2022

Plugin

Photospace Gallery <= 2.3.5 Broken Access Control vulnerability

5.4

12 September, 2022

Plugin

Pop-up <= 1.1.5 up plugin <= 1.1.5 Privilege Escalation vulnerability

5.4

2 September, 2022

Plugin

ActiveDEMAND <= 0.2.27 Broken Authentication vulnerability

6.5

2 August, 2022

Plugin

GS Testimonial Slider <= 1.9.5 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

27 July, 2022

Plugin

Custom Product Tabs for WooCommerce <= 1.7.7 Broken Access Control vulnerability leading to &yikesthecontenttoggle option update

5.3

28 June, 2022

Plugin

Images Slideshow by 2J <= 1.3.54 Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

7.1

4 May, 2022

Plugin

Ravpage <= 2.27 Unauthenticated Reflected CrossSite Scripting (XSS) vulnerability

6.1

28 April, 2022

Plugin

ShortPixel Adaptive Images <= 3.3.1 Subscriber+ Plugin Settings Update vulnerability

4.3

25 April, 2022

Plugin

FV Flowplayer Video Player <= 7.5.15.727 SQL Injection (SQLi) vulnerability

6.6

18 March, 2022

Plugin

Accelerated Mobile Pages <= 1.0.77.31 Authenticated Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.8

11 December, 2021

Plugin

Ivory Search <= 4.6.6 Reflected CrossSite Scripting (XSS) vulnerability

4.8

1 October, 2021

Plugin

Testimonial Rotator <= 3.0.3 Authenticated Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

6.5

19 February, 2021

Plugin

Ivory Search <= 4.5.10 Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

7.1

1 February, 2021

Plugin

Constant Contact Forms <= 1.8.7 Multiple Authenticated Stored CrossSite Scripting (XSS) vulnerabilities

+0 AXP

5.5

6 September, 2020

Plugin

WP Customer Reviews <= 3.4.2 Multiple Unauthenticated and Low Privilege Authenticated Stored XSS vulnerabilities

20 August, 2020

Plugin

Blog2Social <= 6.3.0 Authenticated SQL Injection (SQLi) vulnerability

+0 AXP

8.5

9 June, 2020

Plugin

AdRotate Banner Manager <= 5.8.3 Authenticated SQL Injection (SQLi) vulnerability

+0 AXP

7.6

3 June, 2020

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close