Dhabaleshwar Das

1,562.04

XP

298

Reports

0

Reports, last 90 days

#32

2 Apr, 2026

🇮🇳

Lvl 4

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
VikRestaurants<= 1.3.3 Cross Site Request Forgery (CSRF)	3.55	7.1	18/12/2024
REVE Chat<= 6.4.4 Cross Site Request Forgery (CSRF)	3.55	7.1	15/12/2024
Chat2<= 4.0 Cross Site Request Forgery (CSRF)	3.55	7.1	28/12/2024
WordPress Events Calendar Plugin – connectDaily<= 1.5.4 Cross Site Request Forgery (CSRF)	3.55	7.1	02/01/2025
RepairBuddy<= 3.8213 Broken Access Control	N/A	4.3	31/12/2024
Astra Security Suite<= 0.2 Broken Access Control	10.6	5.3	24/12/2024
Apimo Connector<= 2.6.5.1 Cross Site Request Forgery (CSRF)	N/A	4.3	26/12/2024
Appointy Appointment Scheduler<= 4.2.1 Cross Site Request Forgery (CSRF)	3.25	6.5	26/12/2024
DesignO<= 2.6.0 Cross Site Request Forgery (CSRF)	N/A	4.3	28/12/2024
VikBooking Hotel Booking Engine & PMS<= 1.7.2 Cross Site Request Forgery (CSRF)	3.25	6.5	20/12/2024
Essential Real Estate<= 5.1.8 Cross Site Request Forgery (CSRF)	2.15	4.3	31/12/2024
VikAppointments Services Booking Calendar<= 1.2.16 Cross Site Request Forgery (CSRF)	3.55	7.1	20/12/2024
AI WP Writer<= 3.8.4.4 Cross Site Request Forgery (CSRF)	2.15	4.3	29/11/2024
Hive Support<= 1.1.6 Broken Access Control	N/A	4.3	06/12/2024
AI for SEO<= 1.2.9 Broken Access Control	8.6	4.3	29/11/2024
PixelYourSite – Your smart PIXEL (TAG) Manager<= 10.0.1.2 Cross Site Request Forgery (CSRF)	16.2	5.4	27/11/2024
MyBookTable Bookstore<= 3.5.3 Cross Site Request Forgery (CSRF)	2.7	5.4	24/11/2024
WP Wand<= 1.2.5 Broken Access Control	2.15	5.3	07/12/2024
WP Mailster<= 1.8.17.0 Sensitive Data Exposure	12.19	5.3	22/11/2024
WP Visitor Statistics (Real Time Traffic)<= 7.5 Broken Access Control	8.6	4.3	30/06/2024
Event Espresso 4 Decaf<= 5.0.28.decaf Cross Site Request Forgery (CSRF)	2.15	4.3	21/11/2024
WP Mailster<= 1.8.17.0 Cross Site Request Forgery (CSRF)	2.47	4.3	22/11/2024
AIcomments<= 1.4.1 Cross Site Request Forgery (CSRF)	2.15	4.3	30/11/2024
AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot<= 1.6.2 Cross Site Request Forgery (CSRF)	2.15	4.3	30/11/2024
AutoWP<= 2.0.8 Cross Site Request Forgery (CSRF)	2.15	4.3	30/11/2024
Icegram Collect<= 1.3.14 Broken Access Control	5.4	5.4	26/06/2024
Icegram<= 3.1.24 Broken Access Control	10.6	5.3	26/06/2024
Analytify<= 5.3.1 Broken Access Control	8.6	4.3	08/06/2024
Smart Online Order for Clover<= 1.5.6 Broken Access Control	4.95	4.3	15/02/2024
Smart Online Order for Clover<= 1.5.6 Broken Access Control	12.19	5.3	16/02/2024
Advanced Cron Manager – debug & control<= 2.5.9 Broken Access Control	8.6	4.3	21/04/2024
Icegram<= 3.1.24 Broken Access Control	10.6	5.3	26/06/2024
Arconix FAQ<= 1.9.4 Broken Access Control	10.6	5.3	18/06/2024
Arconix Shortcodes<= 2.1.11 Broken Access Control	10.6	5.3	11/06/2024
Matomo Analytics<= 5.1.1 Cross Site Request Forgery (CSRF)	N/A	4.3	23/02/2024
Oceanic<= 1.0.48 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
i-transform<= 3.0.9 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Popularis Verse<= 1.1.1 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024
EleForms<= 2.9.9.9 Broken Access Control	10.6	5.3	28/02/2024
Packlink PRO shipping module<= 3.4.6 Broken Access Control	5.4	5.4	18/03/2024
Patricia Blog<= 1.2 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
i-amaze<= 1.3.7 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Product Delivery Date for WooCommerce – Lite<= 2.7.2 Broken Access Control	10.6	5.3	10/06/2024
Internal Link Juicer: SEO Auto Linker for WordPress<= 2.24.3 Cross Site Request Forgery (CSRF)	6.45	4.3	08/06/2024
Patricia Lite<= 1.2.3 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
SociallyViral<= 1.0.10 Cross Site Request Forgery (CSRF)	N/A	4.3	27/01/2024
Point<= 1.1 Cross Site Request Forgery (CSRF)	2.15	4.3	25/01/2024
Get Better Reviews for WooCommerce<= 4.0.6 Broken Access Control	4.95	4.3	17/02/2024
Swift Performance Lite<= 2.3.6.20 Cross Site Request Forgery (CSRF)	2.15	4.3	08/06/2024
Business One Page<= 1.2.9 Broken Access Control	4.3	4.3	30/01/2024
Lawyer Landing Page<= 1.2.4 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Charitable<= 1.8.1.7 Broken Access Control	13	6.5	08/06/2024
Construction Landing Page<= 1.3.5 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Rara Business<= 1.2.5 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Metro Magazine<= 1.3.7 Broken Access Control	4.3	4.3	30/01/2024
Bakes And Cakes<= 1.2.6 Broken Access Control	4.3	4.3	30/01/2024
Posterity<= 3.3 Cross Site Request Forgery (CSRF)	2.15	4.3	29/01/2024
Rife Free<= 2.4.18 Cross Site Request Forgery (CSRF)	4.3	4.3	29/01/2024
Bard<= 2.210 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024
Ashe<= 2.233 Cross Site Request Forgery (CSRF)	6.45	4.3	28/01/2024
Trendy News<= 1.0.15 Cross Site Request Forgery (CSRF)	2.15	4.3	27/01/2024
Newsmatic<= 1.3.1 Broken Access Control	10.6	5.3	27/01/2024
Hestia<= 3.1.2 Cross Site Request Forgery (CSRF)	8.6	4.3	27/01/2024
Highlight<= 1.0.29 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024
Schema Lite<= 1.2.2 Cross Site Request Forgery (CSRF)	2.15	4.3	26/01/2024
Travel Agency<= 1.4.9 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Benevolent<= 1.3.4 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
OnePress<= 2.3.6 Cross Site Request Forgery (CSRF)	6.45	4.3	28/01/2024
NewsMash<= 1.0.34 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Perfect Portfolio<= 1.2.0 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Mesmerize<= 1.6.120 Cross Site Request Forgery (CSRF)	4.3	4.3	28/01/2024
Elegant Pink<= 1.3.0 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
JobScout<= 1.1.4 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Coachify<= 1.0.7 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Preschool and Kindergarten<= 1.2.1 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Blossom Shop<= 1.1.7 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
WP Mobile Menu<= 2.8.4.3 Cross Site Request Forgery (CSRF)	8.6	4.3	07/06/2024
Travel Monster<= 1.1.2 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
TrustedLogin Vendor< 1.1.1 Sensitive Data Exposure	12.19	5.3	05/03/2024
Vandana Lite<= 1.1.9 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Falang multilanguage<= 1.3.51 Cross Site Request Forgery (CSRF)	2.15	4.3	09/06/2024
Book Landing Page<= 1.2.3 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Digital Newspaper<= 1.1.5 Cross Site Request Forgery (CSRF)	2.15	4.3	27/01/2024
Chic Lite<= 1.1.3 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Education Zone<= 1.3.4 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Vilva<= 1.2.2 Cross Site Request Forgery (CSRF)	2.15	4.3	30/01/2024
Hueman<= 3.7.24 Cross Site Request Forgery (CSRF)	4.3	4.3	29/01/2024
Customizr<= 4.4.21 Cross Site Request Forgery (CSRF)	4.3	4.3	29/01/2024
LA-Studio Element Kit for Elementor<= 1.3.6 Broken Access Control	8.6	4.3	22/01/2024
Photo Gallery by 10Web<= 1.8.25 Broken Access Control	21.5	4.3	22/01/2024
Builder for WooCommerce reviews shortcodes – ReviewShort<= 1.01.5 Broken Access Control	13.25	5.3	08/02/2024
Clearfy Cache<= 2.3.2 Cross Site Request Forgery (CSRF)	6.45	4.3	15/03/2024
Fast Custom Social Share by CodeBard<= 1.1.2 Cross Site Request Forgery (CSRF)	2.47	4.3	19/03/2024
JCH Optimize<= 4.2.0 Path Traversal	4.3	4.3	15/04/2024
EmpowerWP<= 1.0.21 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024
Oasis<= 1.0.12 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024
Skyline WP<= 1.0.10 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024
Consus<= 1.0.6 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024
Zeka<= 1.0.9 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024
Niveau<= 1.0.8 Cross Site Request Forgery (CSRF)	2.15	4.3	28/01/2024

Report vulnerabilities to earn bounties and rewards!

Include pending