Bonds

13198.49

XP

468

Reports

69

Reports, last 90 days

#7

14 Dec, 2025

Lvl 10

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Elementor Website Builder<= 3.33.0 Broken Access Control	87.08	4.3	No date
WP Gravity Forms FreshDesk Plugin<= 1.3.5 Open Redirection	N/A	4.7	No date
JetElements For Elementor<= 2.7.12 Cross Site Scripting (XSS)	45.7	6.5	No date
Litho Addons<= 3.4 Broken Access Control	5.4	5.4	No date
Codiqa< 1.2.8 PHP Object Injection	29.4	9.8	Sep 21, 2025
WP Gravity Forms Zoho CRM and Bigin<= 1.2.8 Open Redirection	7.05	4.7	No date
Stockie Extra<= 1.2.11 Cross Site Request Forgery (CSRF)	0.54	4.3	No date
Stockie Extra<= 1.2.11 Content Injection	13	6.5	Sep 21, 2025
Hercules Core <= 7.4 Server Side Request Forgery (SSRF)	4.9	4.9	No date
Reservation Plugin<= 1.6 Cross Site Scripting (XSS)	14.2	7.1	Sep 21, 2025
WP Gravity Forms HubSpot<= 1.2.5 Open Redirection	7.05	4.7	Aug 24, 2025
FoodBook<= 4.7.6 Sensitive Data Exposure	10.6	5.3	Aug 24, 2025
WooEvents<= 4.1.7 Broken Access Control	10.6	5.3	Aug 24, 2025
Grand Conference Theme Custom Post Type< 2.6.4 Broken Access Control	5.4	5.4	Apr 13, 2025
BM Content Builder< 3.16.3.3 Arbitrary File Deletion	17.33	7.7	Jul 27, 2025
DentiCare< 1.4.3 PHP Object Injection	39.2	9.8	May 25, 2025
Goldenblatt< 1.3.0 PHP Object Injection	39.2	9.8	Aug 24, 2025
WorkScout-Core< 1.7.06 Cross Site Scripting (XSS)	14.2	7.1	Aug 24, 2025
Goodlayers Core< 2.1.7 Privilege Escalation	19.8	8.8	Aug 24, 2025
Addison< 1.4.8 PHP Object Injection	39.2	9.8	Aug 24, 2025
Javo Core<= 3.0.0.266 Broken Access Control	10.6	5.3	Jul 27, 2025
DriCub<= 2.9 Broken Access Control	10.6	5.3	Jul 27, 2025
DriCub<= 2.9 Server Side Request Forgery (SSRF)	10.8	5.4	Jul 27, 2025
WP Gravity Forms Keap/Infusionsoft<= 1.2.6 Open Redirection	N/A	4.7	Jul 27, 2025
CouponXxL<= 4.5.0 Cross Site Request Forgery (CSRF)	4.4	8.8	Jul 28, 2025
WorkScout-Core< 1.7.06 Cross Site Request Forgery (CSRF)	4.4	8.8	Aug 24, 2025
ShoppyStore<= 3.7.16 Local File Inclusion	32.4	8.1	May 4, 2025
Autusin<= 2.8.5 Local File Inclusion	32.4	8.1	May 4, 2025
Juno<= 2.25 Local File Inclusion	32.4	8.1	Jun 8, 2025
Wine House<= 3.12 Local File Inclusion	32.4	8.1	Jun 10, 2025
Accalia<= 1.5.3 Local File Inclusion	24.3	8.1	May 25, 2025
Chrimson<= 2.2 Local File Inclusion	24.3	8.1	May 11, 2025
ProDent<= 1.5.9 Local File Inclusion	32.4	8.1	May 11, 2025
AlphaColor<= 1.4.11.1 Local File Inclusion	32.4	8.1	May 11, 2025
Drone Media<= 2.2.0 Local File Inclusion	32.4	8.1	May 11, 2025
Booklovers<= 2.13 Local File Inclusion	32.4	8.1	May 11, 2025
Anesta<= 1.2.1 Local File Inclusion	32.4	8.1	May 11, 2025
ProRange<= 2.3 Local File Inclusion	32.4	8.1	May 11, 2025
AI ANN<= 1.1.0 Local File Inclusion	32.4	8.1	May 11, 2025
HotLock<= 1.3.9 Local File Inclusion	32.4	8.1	May 11, 2025
Fortunio<= 2.3 Local File Inclusion	32.4	8.1	May 11, 2025
Gutentype<= 2.1.11 Local File Inclusion	32.4	8.1	May 11, 2025
ShieldGroup<= 2.13 Local File Inclusion	40.5	8.1	Aug 6, 2025
Militarology<= 1.0.15 Local File Inclusion	40.5	8.1	Aug 6, 2025
Mamita<= 1.0.9 Local File Inclusion	40.5	8.1	Aug 6, 2025
Gracioza<= 1.0.15 Local File Inclusion	40.5	8.1	Aug 6, 2025
Kings & Queens<= 1.1.16 Local File Inclusion	40.5	8.1	Aug 6, 2025
Ludos Paradise<= 2.1.3 Local File Inclusion	40.5	8.1	Aug 6, 2025
Jack Well<= 1.0.14 Local File Inclusion	40.5	8.1	Aug 6, 2025
Hanani<= 1.2.11 Local File Inclusion	40.5	8.1	Aug 6, 2025
Monyxi<= 1.1.8 Local File Inclusion	40.5	8.1	Aug 6, 2025
Palladio<= 1.1.10 Local File Inclusion	40.5	8.1	Aug 6, 2025
Lettuce<= 1.1.7 Local File Inclusion	40.5	8.1	Aug 6, 2025
Lymcoin<= 1.3.12 Local File Inclusion	40.5	8.1	Aug 6, 2025
Strux<= 1.9 Local File Inclusion	40.5	8.1	Aug 6, 2025
Uxper Booking<= 1.3.3 SQL Injection	17	8.5	Jun 8, 2025
Spirit Framework<= 1.2.13 Local File Inclusion	15	7.5	Jun 10, 2025
FitLine<= 1.6 Local File Inclusion	40.5	8.1	Aug 3, 2025
Harper<= 1.13 Local File Inclusion	40.5	8.1	Aug 3, 2025
Greeny<= 2.6 Local File Inclusion	40.5	8.1	Aug 3, 2025
Rentic<= 1.1 Local File Inclusion	40.5	8.1	Aug 3, 2025
Smash<= 1.7 Local File Inclusion	40.5	8.1	Aug 3, 2025
Catwalk<= 1.4 Local File Inclusion	40.5	8.1	Aug 3, 2025
Beautique<= 1.5 Local File Inclusion	40.5	8.1	Aug 3, 2025
Assembly<= 1.1 Local File Inclusion	40.5	8.1	Aug 3, 2025
Rally<= 1.1 Local File Inclusion	40.5	8.1	Aug 3, 2025
Convex<= 1.11 Local File Inclusion	40.5	8.1	Aug 3, 2025
Hygia<= 1.16 Local File Inclusion	40.5	8.1	Aug 3, 2025
Paragon<= 1.1 Local File Inclusion	40.5	8.1	Aug 3, 2025
Legacy<= 1.9 Local File Inclusion	40.5	8.1	Aug 3, 2025
Algenix<= 1.0 Local File Inclusion	40.5	8.1	Aug 3, 2025
Towny<= 1.16 Local File Inclusion	40.5	8.1	Aug 3, 2025
Alright<= 1.6.1 Local File Inclusion	40.5	8.1	Aug 3, 2025
Good Mood<= 1.16 Local File Inclusion	40.5	8.1	Aug 3, 2025
Critique<= 1.17 Local File Inclusion	40.5	8.1	Aug 3, 2025
Manufactory<= 1.4 Local File Inclusion	40.5	8.1	Aug 3, 2025
EcoGrow<= 1.7 Local File Inclusion	40.5	8.1	Aug 3, 2025
Vocal<= 1.12 Local File Inclusion	40.5	8.1	Aug 3, 2025
Athos<= 1.9 Local File Inclusion	40.5	8.1	Aug 3, 2025
Woo Hoo<= 1.25 Local File Inclusion	40.5	8.1	Jul 31, 2025
Aromatica<= 1.8 Local File Inclusion	40.5	8.1	Jul 31, 2025
Spock<= 1.17 Local File Inclusion	40.5	8.1	Jul 31, 2025
777<= 1.3 Local File Inclusion	40.5	8.1	Jul 31, 2025
Lione<= 1.16 Local File Inclusion	40.5	8.1	Jul 31, 2025
Ziston< 1.4.5 Local File Inclusion	16.2	8.1	Jul 31, 2025
Indutri< 1.3.0 Local File Inclusion	16.2	8.1	Jul 31, 2025
Nest Addons<= 1.6.3 SQL Injection	37.2	9.3	Jul 28, 2025
ThemeREX Addons<= 2.36.1.1 PHP Object Injection	117.6	9.8	Jul 28, 2025
Pin WP< 7.2 Arbitrary File Upload	19.8	9.9	May 11, 2025
Advance Seat Reservation Management for WooCommerce<= 3.1 SQL Injection	37.2	9.3	Jul 27, 2025
Golo<= 1.7.1 Cross Site Scripting (XSS)	14.2	7.1	Jul 27, 2025
Javo Core<= 3.0.0.529 Arbitrary Content Deletion	15	7.5	Jul 27, 2025
Nuss<= 1.3.3 Local File Inclusion	32.4	8.1	Jun 8, 2025
Neptunus<= 1.0.11 Local File Inclusion	40.5	8.1	Jul 23, 2025
HeartStar<= 1.0.14 Local File Inclusion	40.5	8.1	Jul 23, 2025
Cerebrum<= 1.12 Local File Inclusion	40.5	8.1	Jul 23, 2025
Stallion<= 1.17 Local File Inclusion	40.5	8.1	Jul 23, 2025
Heart<= 1.8 Local File Inclusion	40.5	8.1	Jul 23, 2025
Pantry<= 1.4 Local File Inclusion	40.5	8.1	Jul 23, 2025
FitFlex<= 1.6 Local File Inclusion	40.5	8.1	Jul 23, 2025

Report vulnerabilities to earn bounties and rewards!

Include pending