Peng Zhou

642.57

XP

43

Reports

0

Reports, last 90 days

#7

25 Dec, 2025

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
WordPress Tag Cloud Plugin – Tag Groups<= 2.0.3 Sensitive Data Exposure	10.6	5.3	Mar 31, 2024
Masterstudy LMS Starter<= 1.1.8 Sensitive Data Exposure	10.6	5.3	Mar 19, 2024
WP SMS<= 6.9.3 Broken Access Control	10.6	5.3	Mar 28, 2024
Create by Mediavine<= 1.9.8 Sensitive Data Exposure	10.6	5.3	Mar 29, 2024
Store Locator Plus<= 2311.17.01 Sensitive Data Exposure	10.6	5.3	Mar 30, 2024
DirectoryPress<= 3.6.10 SQL Injection	9.56	8.5	Feb 17, 2024
Olive One Click Demo Import<= 1.1.2 Sensitive Data Exposure	10.6	5.3	Feb 28, 2024
Realtyna Organic IDX plugin<= 4.14.13 Arbitrary File Upload	N/A	9.1	Mar 6, 2024
Import Spreadsheets from Microsoft Excel<= 10.1.4 Arbitrary File Upload	13.65	9.1	Feb 17, 2024
Seraphinite Post .DOCX Source<= 2.16.9 Server Side Request Forgery (SSRF)	7.1	7.1	Feb 13, 2024
Seraphinite Post .DOCX Source<= 2.16.9 Broken Access Control	4.3	4.3	Feb 13, 2024
WP2Speed Faster<= 1.0.1 Sensitive Data Exposure	10.6	5.3	Mar 31, 2024
Generate PDF using Contact Form 7<= 4.1.2 Cross Site Request Forgery (CSRF)	N/A	9.6	Mar 6, 2024
FileBird Document Library<= 2.0.6 Sensitive Data Exposure	10.6	5.3	Apr 3, 2024
Tablesome<= 1.0.33 Sensitive Data Exposure	10.6	5.3	Mar 29, 2024
Church Admin<= 4.4.6 Arbitrary File Upload	34.16	9.9	Feb 20, 2024
Newsletters<= 4.9.7 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 29, 2024
Podlove Web Player<= 5.7.3 Sensitive Data Exposure	10.6	5.3	Mar 30, 2024
FundEngine<= 1.6.4 Broken Access Control	10.6	5.3	Apr 2, 2024
Gutenify<= 1.4.0 Sensitive Data Exposure	10.6	5.3	Mar 30, 2024
Filebird<= 5.6.3 Sensitive Data Exposure	53	5.3	Mar 25, 2024
Academy LMS<= 1.9.25 Sensitive Data Exposure	10.6	5.3	Apr 3, 2024
ShopBuilder – Elementor WooCommerce Builder Addons<= 2.1.8 Sensitive Data Exposure	10.6	5.3	Apr 4, 2024
MC Woocommerce Wishlist<= 1.7.8 Broken Access Control	10.6	5.3	Apr 3, 2024
WP Job Manager<= 2.2.2 Sensitive Data Exposure	42.4	5.3	Mar 26, 2024
weDocs<= 2.1.4 Broken Access Control	10.6	5.3	Mar 30, 2024
SEOPress<= 7.7.1 Insecure Direct Object References (IDOR)	53	5.3	Mar 27, 2024
Robo Gallery<= 3.2.18 Sensitive Data Exposure	31.8	5.3	Mar 28, 2024
Newsletters<= 4.9.5 Arbitrary File Upload	N/A	9.1	Mar 6, 2024
Newsletters<= 4.9.5 Sensitive Data Exposure	15	7.5	Feb 29, 2024
Post Grid and Gutenberg Blocks<= 2.2.78 Sensitive Data Exposure	45	7.5	Mar 22, 2024
Hummingbird<= 3.7.3 Broken Access Control	39.56	4.3	Mar 25, 2024
AWP Classifieds<= 4.3.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 7, 2024
Podlove Podcast Publisher<= 4.0.12 SQL Injection	9.56	8.5	Feb 10, 2024
Church Admin<= 4.1.6 Broken Access Control	7.25	6.3	Feb 16, 2024
Church Admin<= 4.1.5 Arbitrary File Upload	34.16	9.9	Feb 15, 2024
Shortcode Addons<= 3.2.5 Arbitrary File Upload	N/A	9.1	Feb 23, 2024
CubeWP<= 1.1.12 Arbitrary File Upload	29.7	9.9	Feb 28, 2024
Church Admin<= 4.1.7 Cross Site Request Forgery (CSRF)	2.47	4.3	Feb 15, 2024
WP SMS<= 6.6.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Mar 6, 2024
Tumult Hype Animations<= 1.9.12 Arbitrary File Upload	13.65	9.1	Feb 4, 2024
Tainacan<= 0.20.6 Sensitive Data Exposure	10.6	5.3	Feb 18, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending