About Alliance Leaderboard Vulnerability database WordPress security
Login

Rafie Muhammad (Patchstack)

0
0
0
0
Alliance XP
15670.56
Total reports
1623
Reports, last 90 days
181
Contributions 1623
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

█████████████████████ █████ █████████████████████████████████████████████████

+0 AXP

8.0

Pending

████

███████ █████ ██████████████████████████████████████████

+52 AXP

8.8

Pending

████

███████ █████ █████████████████████████████████████████████████

+46 AXP

7.7

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+56 AXP

7.1

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+16 AXP

5.4

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+26 AXP

6.5

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+4 AXP

4.3

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+0 AXP

6.5

Pending

████

███████ █████ ██████████████████████████████████████████

+59 AXP

8.8

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+15 AXP

4.3

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+21 AXP

6.3

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+29 AXP

8.8

Pending

████

███████ █████ █████████████████████████████████████████████████

+56 AXP

7.1

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+42 AXP

7.1

Pending

████

█████████████████████ █████ ███████████████████████████████████

+19 AXP

6.5

Pending

████

███████ █████ █████████████████████████████████████████████████

+39 AXP

8.8

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+56 AXP

7.1

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+39 AXP

8.8

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+19 AXP

6.5

Pending

████

██████████████ █████ ██████████████████████████████████████████

+19 AXP

6.5

Pending

████

███████ █████ █████████████████████████████████████████████████

+4 AXP

6.5

Pending

████

██████████████ █████ ███████████████████████████████████

+112 AXP

5.0

Pending

████

███████ █████ ██████████████████████████████████████████

+64 AXP

4.3

Pending

████

███████ █████ █████████████████████████████████████████████████

+21 AXP

7.1

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+39 AXP

6.5

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+8 AXP

5.4

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+42 AXP

7.1

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+42 AXP

7.1

Pending

████

██████████████ █████ ██████████████████████████████████████████

+22 AXP

7.5

Pending

████

███████ █████ █████████████████████████████████████████████████

+42 AXP

7.1

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+70 AXP

5.9

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+105 AXP

7.5

Pending

████

███████ █████ ████████████████████████████████████████████████████████

+4 AXP

4.3

Pending

████

██████████████ █████ ███████████████████████████████████

+21 AXP

5.3

Pending

████

██████████████ █████ ████████████████████████████████████████████████████████

+5 AXP

5.4

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+10 AXP

5.3

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+13 AXP

6.5

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+10 AXP

5.3

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+10 AXP

5.4

Pending

████

█████████████████████ █████ ███████████████████████████████████

+56 AXP

7.1

Pending

████

███████ █████ ██████████████████████████████████████████

+21 AXP

4.3

Pending

████

███████ █████ ████████████████████████████████████████████████████████

+42 AXP

5.3

Pending

████

█████████████████████ █████ ███████████████████████████████████

+10 AXP

5.4

Pending

████

█████████████████████ █████ ███████████████████████████████████

+13 AXP

6.5

Pending

████

███████ █████ ███████████████████████████████████

+6 AXP

6.5

Pending

████

███████ █████ ████████████████████████████████████████████████████████

+10 AXP

5.3

Pending

████

███████ █████ ██████████████████████████████████████████

+12 AXP

4.3

Pending

████

██████████████ █████ ██████████████████████████████████████████

+127 AXP

7.1

Pending

████

██████████████ █████ ████████████████████████████████████████████████████████

+147 AXP

8.2

Pending

████

███████ █████ █████████████████████████████████████████████████

+97 AXP

6.5

Pending

████

███████ █████ ███████████████████████████████████

+24 AXP

6.5

Pending

Plugin

Spectra <= 2.7.9 Cross Site Scripting (XSS) vulnerability

+29.25 AXP

6.5

3 days ago

Plugin

Astra Pro <= 4.3.1 Contributor+ Remote Code Execution (RCE) vulnerability

+74.25 AXP

9.9

3 days ago

Plugin

WooCommerce Payments <= 6.4.2 Cross Site Scripting (XSS) vulnerability

+29.25 AXP

6.5

3 days ago

Theme

Soledad <= 8.4.1 Reflected Cross Site Scripting (XSS) vulnerability

+42.6 AXP

7.1

3 days ago

Theme

Soledad <= 8.4.1 Unauthenticated PHP Object Injection vulnerability

+48.6 AXP

8.1

3 days ago

Theme

Soledad <= 8.4.1 Contributor+ SQL Injection vulnerability

+28.69 AXP

8.5

3 days ago

Plugin

WappPress <= 5.0.3 Unauthenticated Arbitrary File Upload vulnerability

+40 AXP

10.0

4 days ago

Plugin

Symbiostock Lite <= 6.0.0 Arbitrary File Upload vulnerability

+0 AXP

9.1

4 days ago

Plugin

Sayfa Sayaç <= 2.6 Unauthenticated PHP Object Injection vulnerability

+0 AXP

10.0

4 days ago

Plugin

Sayfa Sayaç <= 2.6 Unauthenticated SQL Injection vulnerability

+0 AXP

9.3

4 days ago

Plugin

BCorp Shortcodes <= 0.23 Unauthenticated PHP Object Injection vulnerability

+0 AXP

10.0

4 days ago

Plugin

Genesis Simple Love <= 2.0 Unauthenticated PHP Object Injection vulnerability

+0 AXP

10.0

4 days ago

Plugin

SureTriggers <= 1.0.23 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

4 days ago

Plugin

PowerPack Pro for Elementor <= 2.9.23 Reflected Cross Site Scripting (XSS) vulnerability

+56.8 AXP

7.1

7 days ago

Plugin

JetElements For Elementor <= 2.6.13 Cross Site Request Forgery (CSRF) vulnerability

+15.75 AXP

6.3

28 November, 2023

Plugin

JetElements For Elementor <= 2.6.13 Broken Access Control vulnerability

+31.5 AXP

6.3

28 November, 2023

Plugin

JetElements For Elementor <= 2.6.13 Unauthenticated Broken Access Control vulnerability

+82 AXP

8.2

28 November, 2023

Plugin

Widgets for Thumbtack Reviews <= 11.0.2 Arbitrary File Upload vulnerability

+0 AXP

8.0

28 November, 2023

Plugin

Review Widgets for Szallas.hu <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Expedia Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Opentable Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Booking.com Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for SourceForge Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Hotels.com Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Amazon Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Reviews &amp; Recommendations <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Customer Reviews Collector for WooCommerce <= 3.9 Arbitrary File Upload vulnerability

+0 AXP

8.0

28 November, 2023

Plugin

WP Tripadvisor Review Widgets <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Foursquare Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Capterra Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Zillow Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for AliExpress Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Wordpress Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Ebay Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Árukereső Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Yelp Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Airbnb Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

Widgets for Alibaba Reviews <= 11.0.2 Arbitrary File Upload vulnerability

8.0

28 November, 2023

Plugin

JetSmartFilters <= 3.2.2 Unauthenticated Broken Access Control vulnerability

+0 AXP

8.2

28 November, 2023

Plugin

JetMenu <= 2.4.1 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetWooBuilder <= 2.1.7.2 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetTabs <= 2.1.25.1 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetTricks <= 1.4.6.1 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetBlog <= 2.3.5 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetBlocks For Elementor <= 1.3.8 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetProductGallery <= 2.1.13.1 Unauthenticated Broken Access Control vulnerability

+0 AXP

8.2

28 November, 2023

Plugin

JetThemeCore <= 2.1.2.1 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetReviews <= 2.3.2 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetCompareWishlist <= 1.5.5.1 Unauthenticated Broken Access Control vulnerability

8.2

28 November, 2023

Plugin

JetEngine <= 3.2.5.1 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetSmartFilters <= 3.2.2 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetMenu <= 2.4.1 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetWooBuilder <= 2.1.7.2 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetTabs <= 2.1.25.1 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetTricks <= 1.4.6.1 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetSearch <= 3.1.2 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetBlog <= 2.3.5 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetBlocks For Elementor <= 1.3.8 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetProductGallery <= 2.1.13.1 Cross Site Request Forgery (CSRF) vulnerability

+0 AXP

6.3

28 November, 2023

Plugin

JetThemeCore <= 2.1.2.1 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetPopup <= 2.0.2 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetReviews <= 2.3.2 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetCompareWishlist <= 1.5.5.1 Cross Site Request Forgery (CSRF) vulnerability

6.3

28 November, 2023

Plugin

JetEngine <= 3.2.5.1 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetSmartFilters <= 3.2.2 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetMenu <= 2.4.1 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetWooBuilder <= 2.1.7.2 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetTabs <= 2.1.25.1 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetTricks <= 1.4.6.1 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetSearch <= 3.1.2 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetBlog <= 2.3.5 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetBlocks For Elementor <= 1.3.8 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetProductGallery <= 2.1.13.1 Broken Access Control vulnerability

+0 AXP

6.3

28 November, 2023

Plugin

JetThemeCore <= 2.1.2.1 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetPopup <= 2.0.2 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetReviews <= 2.3.2 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetCompareWishlist <= 1.5.5.1 Broken Access Control vulnerability

6.3

28 November, 2023

Plugin

JetElements For Elementor <= 2.6.13 Unauthenticated Arbitrary Attachment Download vulnerability

+112.5 AXP

7.5

28 November, 2023

Plugin

JetEngine <= 3.2.4 Broken Access Control vulnerability

+35.5 AXP

7.1

28 November, 2023

Plugin

JetEngine <= 3.2.4 Privilege Escalation vulnerability

+49.5 AXP

8.8

28 November, 2023

Plugin

JetBlocks For Elementor <= 1.3.8 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

28 November, 2023

Plugin

Salient Core <= 2.0.2 Cross Site Scripting (XSS) vulnerability

+24.38 AXP

6.5

24 November, 2023

Plugin

Salient Core <= 2.0.2 Reflected Cross Site Scripting (XSS) vulnerability

+71 AXP

7.1

24 November, 2023

Plugin

Yoast SEO <= 21.0 Cross Site Scripting (XSS) vulnerability

+29.5 AXP

5.9

24 November, 2023

Theme

Enfold <= 5.6.4 Reflected Cross Site Scripting (XSS) vulnerability

+71 AXP

7.1

23 November, 2023

Plugin

Porto Theme - Functionality < 2.12.1 Broken Access Control vulnerability

+31.8 AXP

5.3

23 November, 2023

Plugin

Porto Theme - Functionality < 2.12.1 Unauth. SQL Injection vulnerability

+83.7 AXP

9.3

23 November, 2023

Plugin

Mollie Payments for WooCommerce <= 7.3.11 Arbitrary File Upload vulnerability

+18.2 AXP

9.1

23 November, 2023

Plugin

Widgets for Google Reviews <= 11.0.2 Arbitrary File Upload vulnerability

+40 AXP

8.0

22 November, 2023

Plugin

WP Githuber MD <= 1.16.2 Arbitrary File Upload vulnerability

+9.1 AXP

9.1

20 November, 2023

Plugin

CataBlog <= 1.7.0 Arbitrary File Deletion vulnerability

+5.7 AXP

7.6

20 November, 2023

Plugin

CataBlog <= 1.7.0 Arbitrary File Upload vulnerability

+9.1 AXP

9.1

20 November, 2023

Plugin

Shortcodes and extra features for Phlox theme <= 2.14.0 Unauthenticated Local File Inclusion vulnerability

+137.6 AXP

8.6

15 November, 2023

Plugin

Phlox Portfolio <= 2.3.1 Unauthenticated Local File Inclusion vulnerability

+103.2 AXP

8.6

15 November, 2023

Plugin

Phlox Shop <= 2.0.0 Unauthenticated Local File Inclusion vulnerability

+68.8 AXP

8.6

15 November, 2023

Plugin

Jetpack < 12.7 Contributor+ Broken Access Control vulnerability

+32.25 AXP

4.3

15 November, 2023

Plugin

Jetpack < 12.7 Contributor+ Iframe Injection vulnerability

+40.5 AXP

5.4

15 November, 2023

Plugin

Jetpack <= 12.8-a.1 a.1 Cross Site Scripting (XSS) vulnerability

+48.75 AXP

6.5

15 November, 2023

Plugin

WooCommerce Blocks <= 11.1.1 Cross Site Scripting (XSS) vulnerability

+19.5 AXP

6.5

15 November, 2023

Plugin

WooCommerce <= 8.1.1 Contributor+ Cross Site Scripting (XSS) vulnerability

+48.75 AXP

6.5

15 November, 2023

Plugin

WooCommerce Canada Post Shipping <= 2.8.3 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

14 November, 2023

Plugin

WooCommerce Bookings <= 2.0.3 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

14 November, 2023

Plugin

LayerSlider <= 7.7.9 Cross Site Scripting (XSS) vulnerability

+29.25 AXP

6.5

14 November, 2023

Plugin

LayerSlider <= 7.7.9 Multiple Cross Site Request Forgery (CSRF) vulnerability

+21.3 AXP

7.1

14 November, 2023

Plugin

Slider Revolution <= 6.6.15 Author+ Arbitrary File Upload vulnerability

+0 AXP

8.4

14 November, 2023

Theme

Thrive Theme Builder < 3.24.0 Multiple Authenticated Broken Access Control vulnerability

+33.2 AXP

8.3

14 November, 2023

Theme

Thrive Theme Builder < 3.24.0 Authenticated Privilege Escalation vulnerability

+52.8 AXP

8.8

14 November, 2023

Theme

Thrive Theme Builder < 3.24.2 Cross Site Request Forgery (CSRF) vulnerability

+17.6 AXP

8.8

14 November, 2023

Plugin

Slider Revolution <= 6.6.14 Cross Site Scripting (XSS) vulnerability

+43.88 AXP

6.5

14 November, 2023

Plugin

Essential Grid <= 3.0.18 Multiple Authenticated Broken Access Control vulnerability

+41.5 AXP

8.3

14 November, 2023

Theme

Betheme <= 27.1.1 Contributor+ Broken Access Control vulnerability

+28.5 AXP

7.6

14 November, 2023

Plugin

ElementsKit Pro <= 3.3.0 Broken Access Control vulnerability

+17.2 AXP

4.3

13 November, 2023

Theme

Themify Ultra <= 7.3.5 Multiple Broken Access Control vulnerability

+28.64 AXP

8.3

10 November, 2023

Plugin

Essential Grid <= 3.1.0 Reflected Cross Site Scripting (XSS) vulnerability

+71 AXP

7.1

9 November, 2023

Plugin

WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.6 Authenticated Privilege Escalation vulnerability

+24 AXP

8.0

9 November, 2023

Plugin

WP User Frontend <= 3.6.5 Authenticated Privilege Escalation vulnerability

+5.4 AXP

7.2

9 November, 2023

Plugin

WooCommerce Checkout Manager <= 7.3.0 Broken Access Control vulnerability

+52 AXP

6.5

9 November, 2023

Plugin

Qi Addons For Elementor <= 1.6.4 Cross Site Scripting (XSS) vulnerability

+22.43 AXP

6.5

9 November, 2023

Plugin

Qi Addons For Elementor <= 1.6.3 Local File Inclusion vulnerability

+44.16 AXP

6.4

9 November, 2023

Plugin

Elementor Website Builder <= 3.16.4 Contributor+ Arbitrary Attachment Read vulnerability

+65.81 AXP

6.5

8 November, 2023

Plugin

Elementor Website Builder <= 3.16.4 Contributor+ Cross Site Scripting (XSS) vulnerability

+65.81 AXP

6.5

8 November, 2023

Plugin

Master Slider Pro <= 3.6.5 Reflected Cross Site Scripting (XSS) vulnerability

+71 AXP

7.1

7 November, 2023

Plugin

Master Slider Pro <= 3.6.5 PHP Object Injection vulnerability

+71 AXP

7.1

7 November, 2023

Plugin

Master Slider Pro <= 3.6.5 Authenticated (Editor+) SQL Injection vulnerability

+28.5 AXP

7.6

7 November, 2023

Plugin

The Plus Addons for Elementor Pro <= 5.2.8 Unauthenticated Local File Inclusion vulnerability

+39.56 AXP

8.6

31 October, 2023

Plugin

WooCommerce Stripe Payment Gateway <= 7.6.0 Cross Site Request Forgery (CSRF) vulnerability

+18.9 AXP

5.4

19 October, 2023

Plugin

Ultimate Addons for WPBakery Page Builder <= 3.19.14 Local File Inclusion vulnerability

+91.77 AXP

7.6

19 October, 2023

Plugin

Ultimate Addons for WPBakery Page Builder <= 3.19.14 Cross Site Scripting (XSS) vulnerability

+39.24 AXP

6.5

19 October, 2023

Theme

Themify Ultra <= 7.3.5 Authenticated Arbitrary File Upload vulnerability

+68.31 AXP

9.9

17 October, 2023

Theme

Themify Ultra <= 7.3.5 Authenticated Arbitrary Settings Change vulnerability

+30.36 AXP

8.8

17 October, 2023

Theme

Themify Ultra <= 7.3.5 Authenticated PHP Object Injection vulnerability

+25.53 AXP

7.4

17 October, 2023

Theme

Themify Ultra <= 7.3.5 Authenticated Privilege Escalation vulnerability

+45.54 AXP

8.8

17 October, 2023

Core

WordPress < 6.3.2 Contributor+ Stored XSS in Navigation Links Block vulnerability

+97.5 AXP

6.5

13 October, 2023

Core

WordPress < 6.3.2 Contributor+ Comment Read on Private and Password Protected Post vulnerability

+64.5 AXP

4.3

13 October, 2023

Plugin

Gutenberg <= 16.8.0 Contributor+ Stored XSS in Navigation Links Block vulnerability

+24.38 AXP

6.5

13 October, 2023

Plugin

Nexter Extension <= 2.0.3 Remote Code Execution (RCE) vulnerability

+0 AXP

9.1

12 October, 2023

Plugin

Nexter Extension <= 2.0.3 Reflected Cross Site Scripting (XSS) vulnerability

+0 AXP

7.1

12 October, 2023

Theme

Nexter <= 2.0.3 Broken Access Control vulnerability

+0 AXP

7.6

12 October, 2023

Theme

Nexter <= 2.0.3 SQL Injection vulnerability

+0 AXP

8.5

12 October, 2023

Plugin

User Submitted Posts <= 20230902 Unauthenticated Arbitrary File Upload vulnerability

+72 AXP

9.0

10 October, 2023

Plugin

WordPress Popular Posts <= 6.3.2 Cross Site Scripting (XSS) vulnerability

+24.38 AXP

6.5

9 October, 2023

Plugin

Seriously Simple Stats <= 1.5.0 SQL Injection vulnerability

+12.75 AXP

8.5

3 October, 2023

Plugin

Seriously Simple Stats <= 1.5.1 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

3 October, 2023

Plugin

Pre-Publish Checklist <= 1.1.1 Publish Checklist plugin <= 1.1.1 Broken Access Control vulnerability

+4.05 AXP

5.4

26 September, 2023

Plugin

Astra Bulk Edit <= 1.2.7 Broken Access Control vulnerability

+12.15 AXP

5.4

26 September, 2023

Plugin

Simple Membership <= 4.3.4 Authenticated Account Takeover vulnerability

+39.6 AXP

8.8

25 September, 2023

Plugin

Simple Membership <= 4.3.4 Unauthenticated Membership Role Privilege Escalation vulnerability

+77.4 AXP

8.6

25 September, 2023

Plugin

Essential Addons for Elementor <= 5.8.8 Contributor+ Privilege Escalation vulnerability

+79.7 AXP

8.8

15 September, 2023

Theme

Flatsome <= 3.17.5 Unauthenticated PHP Object Injection vulnerability

+99.6 AXP

8.3

6 September, 2023

Theme

WoodMart <= 7.2.4 Reflected Cross Site Scripting (XSS) vulnerability

+65.32 AXP

7.1

5 September, 2023

Plugin

Premium Starter Templates <= 3.2.5 Broken Access Control vulnerability

+22.43 AXP

6.5

5 September, 2023

Plugin

Premium Starter Templates <= 3.2.4 Server Side Request Forgery (SSRF) vulnerability

+24.5 AXP

7.1

5 September, 2023

Plugin

Starter Templates <= 3.2.5 Broken Access Control vulnerability

+39.24 AXP

6.5

5 September, 2023

Plugin

Starter Templates <= 3.2.4 Server Side Request Forgery (SSRF) vulnerability

+42.87 AXP

7.1

5 September, 2023

Plugin

GiveWP <= 2.33.0 GiveWP Manager+ Privilege Escalation vulnerability

+43.2 AXP

7.2

4 September, 2023

Plugin

All-in-One WP Migration Google Drive Extension <= 2.79 inOne WP Migration Google Drive Extension plugin <= 2.79 Unauth. Access Token Manipulation vulnerability

+87.6 AXP

7.3

30 August, 2023

Plugin

All-in-One WP Migration Dropbox Extension <= 3.75 inOne WP Migration Dropbox Extension plugin <= 3.75 Unauth. Access Token Manipulation vulnerability

+87.6 AXP

7.3

30 August, 2023

Plugin

All-in-One WP Migration OneDrive Extension <= 1.66 inOne WP Migration OneDrive Extension plugin <= 1.66 Unauth. Access Token Manipulation vulnerability

+87.6 AXP

7.3

30 August, 2023

Plugin

All-in-One WP Migration Box Extension <= 1.53 inOne WP Migration Box Extension plugin <= 1.53 Unauth. Access Token Manipulation vulnerability

+87.6 AXP

7.3

30 August, 2023

Plugin

Happy Elementor Addons Pro <= 2.8.0 Reflected Cross Site Scripting (XSS) vulnerability

+32.66 AXP

7.1

29 August, 2023

Plugin

Bridge Core <= 3.0.9 Reflected Cross Site Scripting (XSS) vulnerability

+71 AXP

7.1

29 August, 2023

Plugin

Folders <= 2.9.2 Arbitrary File Upload vulnerability

+27.3 AXP

9.1

28 August, 2023

Plugin

Elements kit Elementor addons <= 2.9.0 Broken Access Control vulnerability

+30.1 AXP

4.3

23 August, 2023

Plugin

JupiterX Core <= 3.3.5 Unauth. Arbitrary File Upload vulnerability

+144 AXP

9.0

22 August, 2023

Plugin

JupiterX Core <= 3.3.8 Unauthenticated Account Takeover vulnerability

+117.6 AXP

9.8

22 August, 2023

Plugin

Paid Memberships Pro CCBill Gateway <= 0.3 Unauthenticated Broken Access Control vulnerability

+16.4 AXP

8.2

17 August, 2023

Plugin

JupiterX Core 3.0.0-3.3.0 Multiple Auth. Broken Access Control vulnerability

+21.6 AXP

5.4

13 August, 2023