Alliance bounty program
About Alliance Leaderboard Vulnerability database WordPress security
Login

Rafshanzani Suhada

0
2
0
2
Twitter Github Website
4 January, 2023
Alliance XP
907.11
Contributions
78
Contributions 78
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

███████ █████ ████████████████████████████████████████████████████████

+7 AXP

7.5

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+13 AXP

6.5

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+14 AXP

6.5

Pending

████

█████████████████████ █████ ███████████████████████████████████

+12 AXP

4.3

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+15 AXP

5.3

Pending

████

███████ █████ ███████████████████████████████████

+4 AXP

6.5

Pending

████

█████████████████████ █████ ███████████████████████████████████

+4 AXP

6.5

Pending

Plugin

AcyMailing SMTP Newsletter <= 8.6.2 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

5 September, 2023

Plugin

Automatic YouTube Gallery <= 2.3.3 Broken Access Control vulnerability

+4.3 AXP

4.3

5 September, 2023

Plugin

Super Socializer <= 7.13.54 Broken Access Control vulnerability

+8.6 AXP

4.3

5 September, 2023

Plugin

Directorist <= 7.7.1 CSV Injection

+5.1 AXP

5.1

5 September, 2023

Plugin

Email posts to subscribers <= 6.2 Cross Site Scripting (XSS)

+0 AXP

5.9

5 September, 2023

Plugin

Email posts to subscribers <= 6.2 Sensitive Data Exposure

+5.3 AXP

5.3

5 September, 2023

Plugin

Collapse-O-Matic <= 1.8.5.5 OMatic plugin <= 1.8.5.5 Cross Site Scripting (XSS) vulnerability

+14.63 AXP

6.5

22 August, 2023

Plugin

Master Addons for Elementor <= 2.0.3 Broken Access Control vulnerability

+26 AXP

6.5

22 August, 2023

Plugin

Slimstat Analytics <= 5.0.5.1 Broken Access Control vulnerability

+26 AXP

6.5

22 August, 2023

Plugin

Simple URLs <= 117 Broken Access Control vulnerability

+5.4 AXP

5.4

21 August, 2023

Plugin

Simple URLs 118 Shortcode Cross Site Scripting (XSS) vulnerability

+4.88 AXP

6.5

21 August, 2023

Plugin

Simple URLs <= 117 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

21 August, 2023

Plugin

Cost Calculator Builder <= 3.1.42 Broken Access Control vulnerability

+5.4 AXP

5.4

18 August, 2023

Plugin

Popup by Supsystic <= 1.10.19 Broken Access Control Vulnerability

+10.6 AXP

5.3

11 August, 2023

Plugin

Photo Engine <= 6.2.5 Insecure Direct Object References (IDOR)

+5.4 AXP

5.4

20 July, 2023

Plugin

KB Support <= 1.5.88 Missing Authorization vulnerability

+4.3 AXP

4.3

11 July, 2023

Plugin

Layer Slider <= 1.1.9.7 Cross Site Scripting (XSS) vulnerability

+6.5 AXP

6.5

28 June, 2023

Plugin

Form Builder <= 1.9.9.0 CSV Injection vulnerability

+4.7 AXP

4.7

28 June, 2023

Plugin

Email download link <= 3.7 Sensitive Data Exposure

+5.3 AXP

5.3

27 June, 2023

Plugin

MaxButtons <= 9.5.3 Cross Site Scripting (XSS) vulnerability

+26 AXP

6.5

23 June, 2023

Plugin

Spam protection, AntiSpam, FireWall by CleanTalk <= 6.10 Broken Access Control vulnerability

+44 AXP

8.8

22 June, 2023

Plugin

Photo Gallery by 10Web <= 1.8.15 Broken Access Control vulnerability

+21.5 AXP

4.3

19 June, 2023

Plugin

Super Socializer <= 7.13.52 Cross Site Scripting (XSS) vulnerability

+9.75 AXP

6.5

19 June, 2023

Plugin

Form Builder <= 1.9.9.0 Cross Site Request Forgery (CSRF) vulnerability

+7.1 AXP

7.1

19 June, 2023

Plugin

MasterStudy LMS <= 3.0.8 Cross Site Scripting (XSS) vulnerability

+6.5 AXP

6.5

15 June, 2023

Plugin

MasterStudy LMS <= 3.0.8 Broken Access Control vulnerability

+6.5 AXP

6.5

15 June, 2023

Plugin

Directorist <= 7.5.4 Arbitrary Content Deletion

+4.3 AXP

4.3

13 June, 2023

Plugin

Groundhogg <= 2.7.11 SQL Injection vulnerability

+0 AXP

7.6

30 May, 2023

Plugin

Groundhogg <= 2.7.11 Cross Site Request Forgery (CSRF)

+5.4 AXP

5.4

30 May, 2023

Plugin

Layer Slider <= 1.1.9.7 CrossSite Request Forgery (CSRF)

+7.1 AXP

7.1

19 April, 2023

Plugin

Simple Job Board <= 2.10.3 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

7 April, 2023

Plugin

Connections Business Directory <= 10.4.36 Cross Site Scripting (XSS) vulnerability

+6.5 AXP

6.5

6 April, 2023

Plugin

User Registration <= 2.3.2.1 Broken Access Control vulnerability

+31.8 AXP

5.3

6 April, 2023

Plugin

Filebird <= 5.1.4 Broken Access Control vulnerability

+11 AXP

5.5

27 March, 2023

Plugin

Easy Table of Contents <= 2.0.45.2 Broken Access Control vulnerability

+27 AXP

5.4

21 March, 2023

Plugin

Data Tables Generator by Supsystic <= 1.10.25 Broken Acces Control vulnerability

+8.6 AXP

4.3

13 March, 2023

Plugin

Site Reviews <= 6.5.0 Broken Access Control vulnerability

+12.9 AXP

4.3

13 March, 2023

Plugin

Site Reviews <= 6.5.1 Cross Site Scripting (XSS) vulnerability

+14.63 AXP

6.5

13 March, 2023

Plugin

Robo Gallery <= 3.2.12 Cross Site Scripting (XSS) vulnerability

+14.63 AXP

6.5

13 March, 2023

Plugin

GiveWP <= 2.25.1 CSV Injection vulnerability

+18.8 AXP

4.7

10 March, 2023

Plugin

GiveWP <= 2.25.1 Arbitrary Content Deletion vulnerability

+21.6 AXP

5.4

10 March, 2023

Plugin

GiveWP <= 2.25.1 Contributor+ Cross Site Scripting (XSS) vulnerability

+26 AXP

6.5

10 March, 2023

Plugin

KB Support <= 1.5.84 CSV Injection vulnerability

+4.4 AXP

4.4

24 February, 2023

Plugin

Strong Testimonials <= 3.0.2 Cross Site Scripting (XSS)

+26 AXP

6.5

21 February, 2023

Plugin

wpDataTables <= 2.1.49 Cross Site Scripting (XSS) vulnerability

+19.5 AXP

6.5

20 February, 2023

Plugin

Ditty <= 3.0.32 Cross Site Scripting (XSS) vulnerability

+13 AXP

6.5

20 February, 2023

Plugin

Visualizer <= 3.9.4 Cross Site Scripting (XSS) vulnerability

+13 AXP

6.5

20 February, 2023

Plugin

Top 10 <= 3.2.3 Broken Access Control vulnerability

+8.6 AXP

4.3

20 February, 2023

Plugin

RegistrationMagic <= 5.1.9.2 Multiple Cross Site Request Forgery (CSRF)

+5.4 AXP

5.4

17 February, 2023

Plugin

WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.0 Arbitrary Content Deletion vulnerability

+21.2 AXP

5.3

13 February, 2023

Plugin

Arigato Autoresponder and Newsletter <= 2.7.1.1 Cross Site Scripting (XSS)

+7.1 AXP

7.1

6 February, 2023

Plugin

Arigato Autoresponder and Newsletter <= 2.7.1 Cross Site Scripting (XSS)

+0 AXP

5.9

6 February, 2023

Plugin

Icegram Collect – Easy Form, Lead Collection and Subscription plugin <= 1.3.8 Cross Site Scripting (XSS)

+0 AXP

5.9

6 February, 2023

Plugin

Arigato Autoresponder and Newsletter <= 2.7.1.1 Cross Site Scripting (XSS)

+6.5 AXP

6.5

2 February, 2023

Plugin

Formidable Forms <= 5.5.6 Cross Site Request Forgery (CSRF)

+28.4 AXP

7.1

2 February, 2023

Plugin

Ocean Extra <= 2.1.1 Cross Site Scripting (XSS) vulnerability

+33 AXP

5.5

2 February, 2023

Plugin

Glossary <= 2.1.27 Cross Site Scripting (XSS) vulnerability

+6.5 AXP

6.5

27 January, 2023

Plugin

Material Design Icons for Page Builders <= 1.4.2 Cross Site Scripting (XSS) vulnerability

+6.5 AXP

6.5

27 January, 2023

Plugin

BNE Testimonials <= 2.0.7 Cross Site Scripting (XSS)

+6.5 AXP

6.5

27 January, 2023

Plugin

ChatBot <= 4.3.0 Multiple Cross Site Scripting (XSS)

+0 AXP

5.9

27 January, 2023

Plugin

ChatBot <= 4.2.8 Cross Site Request Forgery (CSRF)

+5.4 AXP

5.4

27 January, 2023

Plugin

Blocksy Companion <= 1.8.67 Cross Site Scripting (XSS) vulnerability

+22 AXP

5.5

27 January, 2023

Plugin

WP Popups <= 2.1.4.8 Cross Site Scripting (XSS)

+13 AXP

6.5

23 January, 2023

Plugin

AutomatorWP <= 2.5.0 code automation plugin for WordPress plugin <= 2.5.0 Cross Site Request Forgery (CSRF)

+4.3 AXP

5.4

20 January, 2023

Plugin

Booking Calendar <= 9.4.2 SQL Injection

+0 AXP

7.6

20 January, 2023

Plugin

WP Client Reports <= 1.0.16 Subscriber+ Sensitive Data Exposure

+4.3 AXP

4.3

20 January, 2023

Plugin

Heateor Social Comments <= 1.6.1 Cross Site Scripting (XSS)

+6.5 AXP

6.5

20 January, 2023

Plugin

WP Airbnb Review Slider <= 3.2 Cross Site Request Forgery (CSRF) Leading To Reviews Removal Vulnerability

+7.1 AXP

7.1

20 January, 2023

Plugin

WP Google Map Plugin <= 4.3.9 Cross Site Scripting (XSS) vulnerability

+23.6 AXP

5.9

20 January, 2023

Plugin

Pods <= 2.9.10.2 Cross Site Request Forgery (CSRF) vulnerability

+28.4 AXP

7.1

20 January, 2023

Plugin

TemplatesNext ToolKit <= 3.2.7 Cross Site Scripting (XSS)

+6.5 AXP

6.5

17 January, 2023

Back to top

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

DPA Privacy Policy Terms & Conditions © 2023 Patchstack

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close