yuyudhn

Say thanks

511.02

XP

160

Reports

0

Reports, last 90 days

#13

31 Mar, 2026

🇮🇩

Lvl 2

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Automatic Youtube Video Posts Plugin<= 5.2.2 Cross Site Scripting (XSS)	N/A	5.9	31/05/2023
SoundCloud Shortcode<= 3.1.0 Cross Site Scripting (XSS)	N/A	5.9	31/05/2023
ANAC XML Bandi di Gara<= 7.5 Cross Site Scripting (XSS)	2.95	5.9	24/05/2023
ANAC XML Bandi di Gara<= 7.5 Cross Site Request Forgery (CSRF)	2.7	5.4	24/05/2023
BZScore – Live Score<= 1.03 Cross Site Scripting (XSS)	4.88	6.5	24/05/2023
Pinyin Slugs<= 2.3.0 Cross Site Scripting (XSS)	N/A	5.9	21/04/2023
Layer Slider<= 1.1.9.7 Cross Site Scripting (XSS)	N/A	5.9	21/01/2023
Social Feed \| All social media in one place<= 1.5.4.6 Cross Site Scripting (XSS)	N/A	5.9	21/01/2023
Post Sliders & Post Grids<= 1.0.20 Cross Site Scripting (XSS)	N/A	5.9	21/01/2023
Comments Ratings<= 1.1.7 Cross Site Scripting (XSS)	N/A	5.9	11/01/2023
BuddyPress Global Search<= 1.2.1 Cross Site Scripting (XSS)	N/A	5.9	03/02/2023
which template file<= 4.8.0 Cross Site Request Forgery (CSRF)	2.15	4.3	03/02/2023
Image vertical reel scroll slideshow<= 9.2 Cross Site Scripting (XSS)	N/A	5.9	29/12/2022
YouTube Playlist Player<= 4.6.7 Cross Site Scripting (XSS)	4.88	6.5	02/02/2023
Social proof testimonials and reviews by Repuso<= 5.01 Cross Site Request Forgery (CSRF)	5.4	5.4	07/01/2023
LeadSquared Suite<= 0.7.4 Cross Site Request Forgery (CSRF)	7.1	7.1	10/01/2023
Timely Booking Button<= 2.0.2 Cross Site Scripting (XSS)	N/A	5.9	02/02/2023
Popup contact form<= 7.1 Cross Site Scripting (XSS)	N/A	5.9	30/12/2022
Tiny Carousel Horizontal Slider<= 8.1 Cross Site Scripting (XSS)	N/A	5.9	30/12/2022
Onclick Show Popup<= 8.2 Cross Site Scripting (XSS)	N/A	5.9	30/12/2022
Sunshine Photo Cart< 3.0.0 Insecure Direct Object References (IDOR)	5.3	5.3	08/01/2023
SendPress Newsletters<= 1.26.1.20 Cross Site Request Forgery (CSRF)	4.3	4.3	08/01/2023
SendPress Newsletters<= 1.26.1.20 Cross Site Scripting (XSS)	N/A	5.9	08/01/2023
Rescue Shortcodes<= 2.5 Cross Site Scripting (XSS)	6.5	6.5	09/01/2023
Photo Gallery Slideshow & Masonry Tiled Gallery<= 1.0.13 Cross Site Scripting (XSS)	7.1	7.1	24/01/2023
Sermon'e – Sermons Online<= 1.0.0 Cross Site Scripting (XSS)	14.2	7.1	03/02/2023
Vertical Marquee Plugin<= 7.2 Cross Site Scripting (XSS)	N/A	5.9	30/12/2022
Typing Effect<= 1.3.6 Cross Site Scripting (XSS)	6.5	6.5	09/01/2023
wp tell a friend popup form<= 7.1 Cross Site Scripting (XSS)	N/A	5.9	01/02/2023
wp tell a friend popup form<= 7.1 Cross Site Request Forgery (CSRF)	N/A	5.4	01/02/2023
Pinpoint Booking System<= 2.9.9.3.4 Content Spoofing	6.5	6.5	31/12/2022
Elastic Email Sender<= 1.2.6 Cross Site Scripting (XSS)	N/A	5.9	07/01/2023
Art Decoration Shortcode<= 1.5.6 Cross Site Scripting (XSS)	6.5	6.5	09/01/2023
Shortcode IMDB<= 6.0.8 Cross Site Request Forgery (CSRF)	4.3	4.3	08/01/2023
Image Social Feed Plugin<= 1.7.6 Cross Site Scripting (XSS)	N/A	5.9	21/01/2023
Animated Number Counters<= 1.6 Cross Site Scripting (XSS)	6.5	6.5	21/01/2023
Simple Site Verify<= 1.0.7 Cross Site Scripting (XSS)	N/A	4.3	29/04/2023
ApplyOnline<= 2.5.5 Cross Site Scripting (XSS)	N/A	5.9	22/01/2023
Five Star Restaurant Reservations<= 2.6.7 Cross Site Scripting (XSS)	14.2	7.1	31/05/2023
Seed Fonts2.3.1 Cross Site Scripting (XSS)	N/A	5.9	20/04/2023
WP Matterport Shortcode<= 2.1.4 Cross Site Scripting (XSS)	6.5	6.5	08/01/2023
Flo Forms<= 1.0.40 Cross Site Scripting (XSS)	N/A	5.9	14/02/2023
TS Webfonts for さくらのレンタルサーバ<= 3.1.2 Broken Access Control	26	6.5	20/04/2023
WordPress Social Login<= 3.0.4 Cross Site Scripting (XSS)	N/A	5.9	19/04/2023
Yandex Metrica Counter<= 1.4.3 Cross Site Scripting (XSS)	N/A	5.9	19/04/2023
Worthy – VG WORT Integration für WordPress<= 1.6.5-6497609 Cross Site Request Forgery (CSRF)	4.3	4.3	22/01/2023
Unite Gallery Lite<= 1.7.61 Cross Site Scripting (XSS)	N/A	5.9	02/02/2023
Telegram Bot & Channel<= 3.6.2 Cross Site Scripting (XSS)	N/A	5.9	24/05/2023
Unite Gallery Lite<= 1.7.59 Local File Inclusion	N/A	6	02/02/2023
EventPrime<= 2.8.6 Sensitive Data Exposure	5.3	5.3	03/01/2023
EventPrime<= 2.8.6 Cross Site Scripting (XSS)	7.1	7.1	03/01/2023
Video Gallery<= 1.0.10 Cross Site Scripting (XSS)	7.1	7.1	24/01/2023
video carousel slider with lightbox<= 1.0.22 Cross Site Scripting (XSS)	7.1	7.1	24/01/2023
Button<= 1.1.23 Cross Site Scripting (XSS)	N/A	5.9	10/01/2023
iframe popup<= 3.3 Cross Site Scripting (XSS)	N/A	5.9	27/01/2023
wordpress vertical image slider plugin<= 1.2.16 Cross Site Scripting (XSS)	7.1	7.1	24/01/2023
WP Responsive Tabs horizontal vertical and accordion Tabs<= 1.1.15 Cross Site Scripting (XSS)	7.1	7.1	24/01/2023
Hostel<= 1.1.5.1 Cross Site Scripting (XSS)	N/A	5.9	29/12/2022
Multi Rating<= 5.0.6 Cross Site Scripting (XSS)	N/A	5.9	02/01/2023
Multi Rating<= 5.0.6 Other Vulnerability Type	5.3	5.3	02/01/2023
Multi Rating<= 5.0.6 Cross Site Request Forgery (CSRF)	4.3	4.3	03/01/2023
Progress Bar<= 2.2.1 Cross Site Scripting (XSS)	6.5	6.5	10/01/2023
Verified Reviews (Avis Vérifiés)<= 2.3.14 Cross Site Scripting (XSS)	N/A	5.9	11/01/2023
Live Chat by Formilla – Real-time Chat & Chatbots Plugin<= 1.3 Cross Site Scripting (XSS)	N/A	5.9	17/01/2023
Ebook Store<= 5.775 Broken Authentication	7.5	7.5	12/01/2023
Ebook Store<= 5.775 Cross Site Scripting (XSS)	N/A	5.9	12/01/2023
Subscribers – Free Web Push Notifications<= 1.5.3 Cross Site Scripting (XSS)	N/A	5.9	12/01/2023
Category Specific RSS feed Subscription<= v2.2 Cross Site Scripting (XSS)	N/A	5.9	12/01/2023
Video Grid<= 1.21 Cross Site Scripting (XSS)	7.1	7.1	24/01/2023
Optima Express + MarketBoost IDX Plugin<= 7.3.0 Cross Site Scripting (XSS)	N/A	5.9	07/01/2023
Simple Popup Images<= 1.8.6 Cross Site Scripting (XSS)	N/A	5.9	21/01/2023
Landing Page Builder – Free Landing Page Templates<= 3.1.9.9 Local File Inclusion	6.8	6.8	21/01/2023
Comments Ratings<= 1.1.6 Cross Site Request Forgery (CSRF)	4.3	4.3	11/01/2023
Tiny carousel horizontal slider plus<= 3.2 Cross Site Scripting (XSS)	N/A	5.9	27/01/2023
Libsyn Publisher Hub<= 1.3.2 Sensitive Data Exposure	10.6	5.3	01/02/2023
affiliate-toolkit<= 3.3.3 Cross Site Scripting (XSS)	5.9	5.9	10/01/2023
Social Proof (Testimonial) Slider<= 2.2.3 Cross Site Scripting (XSS)	N/A	5.9	21/01/2023
Full Width Banner Slider Wp<= 1.1.7 Cross Site Scripting (XSS)	7.1	7.1	23/01/2023
Continuous Image Carousel With Lightbox<= 1.0.15 Cross Site Scripting (XSS)	7.1	7.1	21/01/2023
Userlike – WordPress Live Chat plugin<= 2.2 Cross Site Scripting (XSS)	N/A	5.9	17/01/2023
Lazy Social Comments<= 2.0.4 Cross Site Scripting (XSS)	N/A	5.9	17/01/2023
Disqus Conditional Load<= 11.1.1 Cross Site Scripting (XSS)	N/A	5.9	17/01/2023
Vertical scroll recent post<= 14.0 Cross Site Scripting (XSS)	6.5	6.5	18/01/2023
Kanban Boards for WordPress<= 2.5.21 Cross Site Scripting (XSS)	N/A	5.9	18/01/2023
WP Content Filter – Censor All Offensive Content From Your Site<= 3.0.1 Cross Site Scripting (XSS)	N/A	5.9	18/01/2023
TreePress – Easy Family Trees & Ancestor Profiles<= 2.0.22 Cross Site Scripting (XSS)	N/A	5.9	18/01/2023
Surbma \| GDPR Proof Cookie Consent & Notice Bar<= 17.5.3 Cross Site Scripting (XSS)	6.5	6.5	19/01/2023
Hotel Booking Lite<= 4.6.0 Cross Site Request Forgery (CSRF)	2.15	4.3	02/02/2023
Yandex.News Feed by Teplitsa<= 1.12.5 Cross Site Scripting (XSS)	N/A	5.9	01/02/2023
Daily Prayer Time<= 2023.03.08 Cross Site Request Forgery (CSRF)	2.7	5.4	03/02/2023
Daily Prayer Time<= 2023.05.04 Cross Site Scripting (XSS)	4.88	6.5	03/02/2023
Event Espresso 4 Decaf<= 4.10.44.decaf Bypass Vulnerability	3.7	3.7	03/01/2023
Leyka<= 3.29.2 Cross Site Scripting (XSS)	14.2	7.1	01/02/2023
Leyka<= 3.29.2 Cross Site Request Forgery (CSRF)	2.7	5.4	01/02/2023
Simple Slug Translate<= 2.7.2 Cross Site Scripting (XSS)	N/A	5.9	15/02/2023
Simple YouTube Responsive<= 2.5 Cross Site Scripting (XSS)	4.88	6.5	02/02/2023
Jobs for WordPress<= 2.5.10.2 Cross Site Scripting (XSS)	N/A	5.9	05/01/2023
CP Multi View Event Calendar <= 1.4.13 Broken Access Control	3.8	3.8	10/01/2023
Video Gallery – YouTube Gallery<= 1.7.6 Cross Site Scripting (XSS)	N/A	5.9	10/01/2023
Books Gallery<= 4.4.8 Cross Site Request Forgery (CSRF)	4.3	4.3	11/01/2023

Report vulnerabilities to earn bounties and rewards!

Include pending