About Alliance Leaderboard Vulnerability database WordPress security
Login
Elliot
Alliance XP
172.85
Total reports
29
Reports, last 90 days
14
Contributions 29
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+13 AXP

6.5

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+5 AXP

5.4

Pending

████

███████ █████ █████████████████████████████████████████████████

+10 AXP

4.3

Pending

████

███████ █████ ███████████████████████████████████

+2 AXP

4.3

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+2 AXP

4.3

Pending

Plugin

Button Generator – easily Button Builder <= 2.3.8 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

28 November, 2023

Plugin

Button Generator – easily Button Builder <= 2.3.8 Broken Access Control vulnerability

+10.6 AXP

5.3

28 November, 2023

Plugin

Quantity Plus Minus Button for WooCommerce by CodeAstrology <= 1.1.9 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

28 November, 2023

Plugin

Animator <= 3.0.10 Unauthenticated Plugin Settings Change Vulnerability

+13 AXP

6.5

9 November, 2023

Plugin

BadgeOS <= 3.7.1.6 Broken Access Control vulnerability

+4.3 AXP

4.3

7 November, 2023

Plugin

Droit Dark Mode <= 1.1.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

7 November, 2023

Plugin

YITH WooCommerce Product Add-Ons <= 4.2.0 Ons plugin <= 4.2.0 Broken Access Control vulnerability

+10.6 AXP

5.3

25 October, 2023

Plugin

Duplicate Theme <= 0.1.6 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

19 October, 2023

Plugin

Tweeple <= 0.9.5 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

11 October, 2023

Plugin

Video Player <= 1.5.22 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

11 October, 2023

Plugin

Inactive Logout <= 3.2.2 Broken Access Control vulnerability

+5.4 AXP

5.4

26 September, 2023

Plugin

WP Crowdfunding <= 2.1.5 Broken Access Control vulnerability

+4.3 AXP

4.3

5 September, 2023

Plugin

Posts Like Dislike <= 1.1.0 Broken Access Control vulnerability

+10.6 AXP

5.3

5 September, 2023

Plugin

POEditor <= 0.9.4 Cross Site Request Forgery (CSRF) to stored XSS vulnerability

+2.7 AXP

5.4

5 September, 2023

Plugin

LuckyWP Scripts Control <= 1.2.1 Broken Access Control vulnerability

+5.4 AXP

5.4

28 August, 2023

Plugin

Maintenance Switch <= 1.5.2 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

28 August, 2023

Plugin

Simple Org Chart <= 2.3.4 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

17 August, 2023

Plugin

WpStream – Live Streaming, Video on Demand, Pay Per View <= 4.5.4 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

20 July, 2023

Plugin

Five Star Restaurant Menu <= 2.4.6 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

17 July, 2023

Plugin

WP Dummy Content Generator <= 2.3.0 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

7 July, 2023

Plugin

Editorial Calendar <= 3.7.12 Insecure Direct Object References (IDOR) vulnerability

+4.05 AXP

5.4

27 June, 2023

Plugin

WP Full Auto Tags Manager <= 2.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

30 May, 2023

Plugin

ShiftController Employee Shift Scheduling <= 4.9.23 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

6 April, 2023

Plugin

CopySafe Web Protection <= 3.13 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

3 April, 2023

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close