Alliance bounty program
About Alliance Leaderboard Vulnerability database WordPress security
Login

Cat

0
0
1
1
Twitter Github Website
29 November, 2022
Cat
Alliance XP
179.3
Contributions
42
Contributions 42
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

█████████████████████ █████ █████████████████████████████████████████████████

+8 AXP

4.3

Pending

████

██████████████ █████ ████████████████████████████████████████████████████████

+0 AXP

5.4

Pending

Plugin

Accordion and Accordion Slider <= 1.2.4 Broken Access Control

+5.3 AXP

5.3

11 August, 2023

Plugin

Portfolio and Projects <= 1.3.7 Broken Access Control vulnerability

+4.3 AXP

4.3

11 August, 2023

Plugin

ARMember Premium <= 5.9.2 Broken Access Control

+0 AXP

4.3

11 August, 2023

Plugin

APIExperts Square for WooCommerce <= 4.2.9 Broken Access Control

+5.3 AXP

5.3

26 July, 2023

Plugin

ARMember Premium <= 5.8 Stored Cross Site Scripting (XSS)

+0 AXP

5.9

18 July, 2023

Plugin

Slider a SlidersPack <= 2.0.2 Broken Access Control vulnerability

+5.3 AXP

5.3

17 July, 2023

Plugin

ARMember <= 4.0.5 Cross Site Request Forgery (CSRF)

+5.4 AXP

5.4

10 July, 2023

Plugin

NOO Timetable <= 2.1.3 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

27 June, 2023

Plugin

NOO Timetable <= 2.1.3 Cross Site Scripting (XSS)

+6.5 AXP

6.5

27 June, 2023

Plugin

ARMember <= 4.0.4 Stored Cross Site Scripting (XSS) on Common Messages Settings

+0 AXP

5.9

27 June, 2023

Plugin

SW Product Bundles <= 2.0.15 Broken Access Control

+5.4 AXP

5.4

27 June, 2023

Plugin

Post Hit Counter <= 1.3.2 Broken Access Control

+4.3 AXP

4.3

27 June, 2023

Plugin

Video Contest WordPress Plugin <= 3.2 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

25 May, 2023

Plugin

Video Contest WordPress Plugin <= 3.2 Cross Site Scripting (XSS)

+0 AXP

5.9

25 May, 2023

Plugin

Gallery Metabox <= 1.5 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

19 April, 2023

Plugin

Woocommerce Product Designer <= 4.3.3 CrossSite Request Forgery (CSRF)

+5.4 AXP

5.4

19 April, 2023

Plugin

SiteAlert (Formerly WP Health) <= 1.9.7 CrossSite Request Forgery (CSRF) vulnerability

+6.5 AXP

5.4

19 April, 2023

Plugin

WP EasyPay <= 4.2.1 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

14 April, 2023

Plugin

Featured Post Creative <= 1.2.7 Broken Access Control vulnerability

+5.3 AXP

5.3

13 April, 2023

Plugin

Trending/Popular Post Slider and Widget <= 1.5.7 Broken Access Control vulnerability

+5.3 AXP

5.3

30 March, 2023

Plugin

Thank You Page Customizer for WooCommerce – Increase Your Sales <= 1.0.13 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

22 March, 2023

Plugin

Stock Sync for WooCommerce <= 2.3.2 Broken Access Control

+4.3 AXP

4.3

22 March, 2023

Plugin

Bulk Resize Media <= 1.1 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

16 March, 2023

Plugin

Import External Images <= 1.4 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

16 March, 2023

Plugin

Kopa Framework <= 1.3.5 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

13 March, 2023

Plugin

Community by PeepSo <= 6.0.2.0 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

22 February, 2023

Plugin

Meta slider and carousel with lightbox <= 1.6.2 Broken Access Control

+5.3 AXP

5.3

15 February, 2023

Plugin

Conditional Payments for WooCommerce <= 2.3.1 Cross Site Request Forgery (CSRF)

+5.4 AXP

5.4

14 February, 2023

Plugin

ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce <= 1.0.21 Broken Access Control + CSRF

+4.3 AXP

4.3

14 February, 2023

Plugin

Cart All In One For WooCommerce <= 1.1.10 Cross Site Request Forgery (CSRF)

+5.4 AXP

5.4

14 February, 2023

Plugin

OWM Weather <= 5.6.11 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

7 February, 2023

Plugin

Cost of Goods for WooCommerce <= 2.8.6 Broken Access Control vulnerability

+5.4 AXP

5.4

6 February, 2023

Plugin

Album and Image Gallery plus Lightbox <= 1.6.2 Broken Access Control

+5.3 AXP

5.3

2 February, 2023

Plugin

FV Flowplayer Video Player <= 7.5.30.7212 Cross Site Request Forgery (CSRF)

+8.6 AXP

4.3

2 February, 2023

Plugin

Conditional Shipping for WooCommerce <= 2.3.1 Cross Site Request Forgery (CSRF)

+5.4 AXP

5.4

27 January, 2023

Plugin

WP Table Manager <= 3.5.2 Broken Access Control

+0 AXP

5.3

27 January, 2023

Plugin

WP Table Manager <= 3.5.2 Cross Site Scripting (XSS)

+0 AXP

6.5

27 January, 2023

Plugin

ARMember <= 3.4.10 Broken Access Control

+4.3 AXP

4.3

20 January, 2023

Plugin

Mediamatic – Media Library Folders <= 2.8.1 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

13 January, 2023

Plugin

Extra Block Design, Style, CSS for ANY Gutenberg Blocks <= 0.2.6 Cross Site Request Forgery (CSRF)

+5.4 AXP

5.4

13 January, 2023

Back to top

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

DPA Privacy Policy Terms & Conditions © 2023 Patchstack

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close