Alliance bounty program
About Alliance Leaderboard Vulnerability database WordPress security
Login

minhtuanact

1
0
0
1
Twitter Github Website
28 November, 2022
Alliance XP
547.54
Contributions
76
Contributions 76
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

█████████████████████ █████ ███████████████████████████████████

+9 AXP

4.7

Pending

████

█████████████████████ █████ ███████████████████████████████████

+12 AXP

8.5

Pending

████

█████████████████████ █████ █████████████████████████████████████████████████

+11 AXP

5.8

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+11 AXP

5.9

Pending

████

█████████████████████ █████ ███████████████████████████████████

+12 AXP

8.5

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+9 AXP

4.7

Pending

████

███████ █████ ██████████████████████████████████████████

+14 AXP

7.1

Pending

████

█████████████████████ █████ ███████████████████████████████████

+10 AXP

5.3

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+12 AXP

8.5

Pending

████

█████████████████████ █████ ███████████████████████████████████

+9 AXP

4.7

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+15 AXP

7.5

Pending

Plugin

GD Security Headers <= 1.6.1 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

17 August, 2023

Plugin

Contact form 7 Custom validation <= 1.1.3 Unauth. SQL Injection (SQLi) vulnerability

+24.6 AXP

8.2

17 August, 2023

Plugin

Doofinder for WooCommerce <= 1.5.49 Open Redirection vulnerability

+9.4 AXP

4.7

17 August, 2023

Plugin

PixTypes <= 1.4.15 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

11 August, 2023

Plugin

Donations Made Easy – Smart Donations <= 4.0.12 SQL Injection

+0 AXP

7.6

11 August, 2023

Plugin

Onepage Builder – Easiest Landing Page Builder For WordPress <= 2.4.1 SQL Injection

+0 AXP

6.7

20 July, 2023

Plugin

Dynamic Visibility for Elementor <= 5.0.5 Broken Access Control vulnerability

+10.8 AXP

5.4

13 June, 2023

Plugin

WP ERP <= 1.12.3 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

2 June, 2023

Plugin

MailChimp Subscribe Forms <= 4.0.9.3 Open Redirection vulnerability

+9.4 AXP

4.7

10 May, 2023

Plugin

Order Your Posts Manually <= 2.2.5 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

9 May, 2023

Plugin

Order Your Posts Manually <= 2.2.5 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

9 May, 2023

Plugin

Order Your Posts Manually <= 2.2.5 SQL Injection vulnerability

+0 AXP

7.6

9 May, 2023

Plugin

Woo Custom Emails <= 2.2 Broken Access Control vulnerability

+14.6 AXP

7.3

9 May, 2023

Plugin

Ultimate Addons for Contact Form 7 <= 3.1.23 SQL Injection

+8.2 AXP

8.2

9 May, 2023

Plugin

Radio Station <= 2.4.0.9 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

9 May, 2023

Plugin

Maintenance Switch <= 1.5.2 Cross Site Scripting (XSS)

+7.1 AXP

7.1

28 April, 2023

Plugin

Mass Email To users <= 1.1.4 Cross Site Scripting (XSS)

+7.1 AXP

7.1

28 April, 2023

Plugin

Advanced Category Template <= 0.1 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

24 April, 2023

Plugin

vSlider Multi Image Slider for WordPress <= 4.1.2 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

19 April, 2023

Plugin

Shortcode IMDB <= 6.0.8 SQL Injection

+0 AXP

6.7

19 April, 2023

Plugin

The School Management – Education & Learning Management <= 4.1 SQL Injection

+0 AXP

6.7

19 April, 2023

Plugin

Accessibility Suite by Online ADA <= 4.11 SQL Injection

+6.4 AXP

6.4

19 April, 2023

Plugin

Kodex Posts likes <= 2.4.3 Cross Site Request Forgery (CSRF)

+4.3 AXP

4.3

19 April, 2023

Plugin

Email Subscription Popup <= 1.2.16 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

13 April, 2023

Plugin

Neshan Maps <= 1.1.4 SQL Injection

+0 AXP

6.0

13 April, 2023

Plugin

Amelia <= 1.0.75 Cross Site Scripting (XSS) vulnerability

+42.6 AXP

7.1

6 April, 2023

Plugin

Dynamics 365 Integration <= 1.3.13 Broken Access Control vulnerability

+4.3 AXP

4.3

6 April, 2023

Plugin

Product Catalog Simple <= 1.6.17 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

6 April, 2023

Plugin

Magic Post Thumbnail <= 4.1.10 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

3 April, 2023

Plugin

PropertyHive <= 1.5.46 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

3 April, 2023

Plugin

Affiliates Manager <= 2.9.20 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

29 March, 2023

Plugin

Advanced Page Visit Counter <= 6.4.2 SQL Injection vulnerability

+7.99 AXP

7.1

27 March, 2023

Plugin

WooCommerce JazzCash Gateway Plugin <= 2.0 Cross Site Scripting (XSS)

+7.1 AXP

7.1

22 March, 2023

Plugin

Open RDW kenteken voertuiginformatie <= 2.0.14 Cross Site Scripting (XSS)

+7.1 AXP

7.1

17 March, 2023

Plugin

Mortgage Calculator Estatik <= 2.0.7 Reflected CrossSite Scripting (XSS) vulnerability

7.1

16 March, 2023

Plugin

Open Graphite <= 1.6.0 Cross Site Scripting (XSS)

+7.1 AXP

7.1

16 March, 2023

Plugin

Slideshow Gallery <= 1.7.6 SQL Injection

+0 AXP

6.7

16 March, 2023

Plugin

VideoWhisper Live Streaming Integration <= 5.5.15 Remote Code Execution (RCE)

+9 AXP

9.0

20 February, 2023

Plugin

Multi Rating <= 5.0.6 Cross Site Scripting (XSS)

+7.1 AXP

7.1

14 February, 2023

Plugin

微信机器人高级版 <= 6.2.2.1 Reflected CrossSite Scripting (XSS) vulnerability

+7.1 AXP

7.1

8 February, 2023

Plugin

Responsive Image Gallery, Gallery Album <= 2.0.1 Cross Site Scripting (XSS)

+7.1 AXP

7.1

3 February, 2023

Plugin

Multi Rating <= 5.0.6 Unauth. Arbitrary Vote Increase/Decrease

5.3

2 February, 2023

Plugin

Image Hover Effects - Caption Hover with Carousel <= 2.8 Cross Site Scripting (XSS)

+7.1 AXP

7.1

2 February, 2023

Plugin

WPComplete <= 2.9.4 Reflected Cross Site Scripting (XSS)

+7.1 AXP

7.1

27 January, 2023

Plugin

Simple Photo Gallery <= v1.8.1 SQL Injection

+0 AXP

6.7

27 January, 2023

Plugin

User Meta Manager <= 3.4.9 Reflected Cross Site Scripting (XSS) vulnerability

+7.1 AXP

7.1

19 January, 2023

Plugin

Custom 404 Pro <= 3.7.0 Admin+ SQL Injection Vulnerability

+0 AXP

8.3

16 January, 2023

Plugin

Map Multi Marker <= 3.2.1 Reflected CrossSite Scripting (XSS) vulnerability

+7.1 AXP

7.1

13 January, 2023

Plugin

MagicForm <= 0.1 Reflected Cross Site Scripting (XSS) Vulnerability

+7.1 AXP

7.1

13 January, 2023

Plugin

Joli Table Of Contents <= 1.3.9 Cross Site Request Forgery (CSRF) on Reset Settings vulnerability

+5.4 AXP

5.4

7 January, 2023

Plugin

Launchpad – Coming Soon & Maintenance Mode Plugin <= 1.0.13 CrossSite Request Forgery (CSRF) vulnerability

+5.4 AXP

5.4

12 December, 2022

Plugin

Advanced Booking Calendar <= 1.7.1 Unauth. SQL Injection (SQLi) vulnerability

+0 AXP

10.0

2 December, 2022

Plugin

Advanced Booking Calendar <= 1.7.1 Multiple CrossSite Scripting (CSRF) vulnerabilities

5.4

1 December, 2022

Plugin

WP ULike <= 4.6.4 Race Condition vulnerability

+0 AXP

5.3

24 November, 2022

Plugin

WP-Polls <= 2.76.0 Polls plugin <= 2.76.0 Race Condition vulnerability

4.3

5 October, 2022

Plugin

Store Locator WordPress <= 1.4.5 CrossSite Scripting (XSS) via CrossSite Request Forgery (CSRF) vulnerability

6.1

28 September, 2022

Plugin

Rate my Post – WP Rating System <= 3.3.4 Race Condition vulnerability

4.3

14 September, 2022

Plugin

Rate my Post – WP Rating System <= 3.3.4 CrossSite Request Forgery (CSRF) vulnerability

4.3

14 September, 2022

Plugin

WP-PostRatings <= 1.89 PostRatings plugin <= 1.89 Rating Increase/Decrease via Race Condition vulnerability

4.3

31 August, 2022

Plugin

Event Calendar – Calendar <= 1.4.6 Unauthenticated Event Deletion vulnerability

6.5

25 August, 2022

Plugin

Contest Gallery <= 17.0.4 Authenticated SQL Injection (SQLi) vulnerability

7.6

9 August, 2022

Plugin

Admin Management Xtended <= 2.4.4 Multiple CrossSite Request Forgery (CSRF) vulnerabilities

5.4

27 May, 2022

Plugin

Image Hover Effects Ultimate <= 9.7.1 Authenticated Reflected CrossSite Scripting (XSS) vulnerability

4.8

4 May, 2022

Plugin

Download Monitor <= 4.4.6 Authenticated Reflected CrossSite Scripting (XSS) vulnerability

4.8

29 October, 2021

Plugin

ThirstyAffiliates <= 3.9.2 Authenticated Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

5.4

22 May, 2020

Back to top

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

DPA Privacy Policy Terms & Conditions © 2023 Patchstack

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close