Abdi Pranata

Say thanks

3695.5

XP

485

Reports

0

Reports, last 90 days

#25

24 Dec, 2025

Lvl 6

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Spotlight - Social Media Feeds (Premium)<= 1.7.1 Sensitive Data Exposure	10.6	5.3	Jan 21, 2025
TableOn<= 1.0.3 Cross Site Scripting (XSS)	14.2	7.1	Dec 31, 2024
Listings for Buildium<= 0.1.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 14, 2025
Restrict User Registration<= 1.0.1 Cross Site Scripting (XSS)	14.2	7.1	Feb 18, 2025
WP AutoKeyword<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	Dec 26, 2024
WP SmartPay<= 2.8.2 Other Vulnerability Type	15	7.5	Mar 9, 2025
Coming Soon Countdown<= 2.2 Cross Site Scripting (XSS)	14.2	7.1	Dec 26, 2024
WP w3all phpBB<= 2.9.9 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 24, 2024
DeBounce Email Validator<= 5.7.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 26, 2024
WordPress Spam Blocker<= 2.0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 26, 2024
WP Abstracts<= 2.7.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 31, 2024
Foliopress WYSIWYG<= 2.6.18 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 19, 2025
User Session Synchronizer<= 1.4.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 20, 2025
Nimbata Call Tracking<= 1.7.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 22, 2025
Multiple Location Google Map<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 22, 2025
KeyCAPTCHA<= 2.5.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 23, 2025
WP Map Route Planner<= 1.0.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 23, 2025
PlainInventory<= 3.1.9 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 25, 2025
Czater.pl – live chat i telefon<= 1.0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 27, 2025
1 Click WordPress Migration<= 2.3.7 Sensitive Data Exposure	10.6	5.3	Dec 23, 2024
Social Share Buttons & Analytics Plugin – GetSocial.io<= 4.5 Broken Access Control	4.3	4.3	Jul 12, 2024
TableOn<= 1.0.4.3 Broken Access Control	N/A	5.4	Dec 31, 2024
Team Builder<= 1.3 Cross Site Scripting (XSS)	14.2	7.1	Jan 22, 2025
MyBookProgress by Stormhill Media<= 1.0.8 Cross Site Scripting (XSS)	6.5	6.5	Dec 31, 2024
Contact Form vCard Generator<= 2.4 Cross Site Scripting (XSS)	14.2	7.1	Jan 15, 2025
PeproDev CF7 Database<= 2.0.0 Cross Site Scripting (XSS)	14.2	7.1	Jan 20, 2025
JSON Structuring Markup<= 0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 25, 2025
WP Clone any post type<= 3.6 Broken Access Control	10.6	5.3	Dec 23, 2024
WP Clone any post type<= 3.6 Unvalidated Redirects and Forwards	9.4	4.7	Dec 23, 2024
SMM API<= 6.0.30 Cross Site Scripting (XSS)	13	6.5	Jan 14, 2025
Theme Duplicator<= 1.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Dec 24, 2024
Viral Loops WP Integration<= 3.4.0 Sensitive Data Exposure	N/A	5.3	Dec 28, 2024
ACF City Selector<= 1.17.0 Sensitive Data Exposure	N/A	5.3	Jan 19, 2025
Mobile App Canvas<= 3.8.2 Broken Access Control	N/A	5.4	Dec 31, 2024
Pin Generator<= 2.0.0 Broken Access Control	N/A	5.4	Dec 28, 2024
Fonts Manager \| Custom Fonts<= 1.2 Cross Site Scripting (XSS)	14.2	7.1	Jan 19, 2025
LeadLab by wiredminds<= 1.3 Cross Site Scripting (XSS)	14.2	7.1	Jan 25, 2025
The Logo Slider<= 1.0.0 Cross Site Scripting (XSS)	14.2	7.1	Jan 22, 2025
RJ Quickcharts<= 0.6.1 SQL Injection	17	8.5	Jan 21, 2025
Leadfox for WordPress<= 2.1.9 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 14, 2025
WP Copy Media URL<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 15, 2025
Related Posts Widget with Thumbnails<= 1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 23, 2025
wordpress related Posts with thumbnails<= 3.0.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 23, 2025
Rio Video Gallery<= 2.3.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 25, 2025
Kento WordPress Stats<= 1.1 Cross Site Scripting (XSS)	14.2	7.1	Feb 28, 2025
Store Locator Widget<= 2025r2 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 30, 2024
Map Contact<= 3.0.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 9, 2025
LH OGP Meta<= 1.73 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 9, 2025
cTabs<= 1.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 9, 2025
Pro Rank Tracker<= 1.0.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 9, 2025
ANAC XML Render<= 1.5.7 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 28, 2025
WordPres 同步微博<= 1.1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 28, 2025
Omnify<= 2.0.3 Cross Site Scripting (XSS)	14.2	7.1	Feb 25, 2025
Fiverr.com Official Search Box<= 1.0.8 Cross Site Scripting (XSS)	6.5	6.5	Feb 25, 2025
Arrow Maps<= 1.0.9 Cross Site Scripting (XSS)	14.2	7.1	Feb 28, 2025
Teleport<= 1.2.4 Cross Site Scripting (XSS)	14.2	7.1	Feb 28, 2025
Cookies Pro<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	Jan 31, 2025
Zalo Live Chat<= 1.1.0 Cross Site Scripting (XSS)	14.2	7.1	Jan 31, 2025
GDPR Tools<= 1.0.2 Cross Site Scripting (XSS)	6.5	6.5	Jan 31, 2025
MaxA/B<= 2.2.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 20, 2025
Insert Code<= 2.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 20, 2025
Hashtags<= 0.3.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 20, 2025
No Disposable Email<= 2.5.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 21, 2025
Members page only for logged in users<= 1.4.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 24, 2025
TabGarb Pro<= 2.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 24, 2025
AS English Admin<= 1.0.0 Open Redirection	N/A	4.7	Feb 24, 2025
Custom top bar<= 2.0.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 24, 2025
List of Posts from each Category plugin for WordPress<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 24, 2025
FTP Sync<= 1.1.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 24, 2025
price-calc<= 0.6.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 24, 2025
WP Compare Tables<= 1.0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 25, 2025
Google News Editors Picks Feed Generator<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 28, 2025
Random Image Selector<= 2.4 Cross Site Scripting (XSS)	14.2	7.1	Jan 31, 2025
无觅相关文章插件<= 1.0.5.7 Cross Site Request Forgery (CSRF)	3.55	7.1	Feb 18, 2025
Add Linked Images To Gallery<= 1.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 29, 2025
Tribulant Gallery Voting<= 1.2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 30, 2025
Zigaform – Form Builder Lite<= 7.4.2 Cross Site Scripting (XSS)	14.2	7.1	Jan 17, 2025
Zigaform – Price Calculator & Cost Estimation Form Builder Lite<= 7.4.2 Cross Site Scripting (XSS)	14.2	7.1	Jan 17, 2025
Fast Flow<= 1.2.16 Cross Site Scripting (XSS)	14.2	7.1	Jan 19, 2025
Magic the Gathering Card Tooltips<= 3.5.0 Cross Site Scripting (XSS)	14.2	7.1	Jan 22, 2025
Spotlight Social Media Feeds<= 1.7.1 Sensitive Data Exposure	31.8	5.3	Jan 19, 2025
Content Snippet Manager<= 1.1.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 19, 2025
what3words Address Field<= 4.0.15 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 15, 2025
Simple Responsive Menu<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 31, 2025
Related Posts Line-up-Exactly by Milliard<= 0.0.22 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 31, 2025
My Login Logout Plugin<= 2.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 31, 2025
WP Html Page Sitemap<= 2.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 31, 2025
Global Meta Keyword & Description<= 2.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 31, 2025
Bootstrap collapse<= 1.0.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 31, 2025
Naver Syndication V2<= 0.8.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 31, 2025
Easy Amazon Product Information<= 4.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 29, 2025
Glance That<= 4.9 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 29, 2025
Wibiya Toolbar<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 29, 2025
DX-auto-publish<= 1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 30, 2025
Simple Documentation<= 1.2.8 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 30, 2025
Page/Post Specific Social Share Buttons<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 30, 2025
TinyMCE Advanced qTranslate fix editor problems<= 1.0.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 30, 2025
Listings for Appfolio<= 1.2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 14, 2025
OneStore Sites<= 0.1.1 Cross Site Request Forgery (CSRF)	14.4	9.6	Jan 10, 2025
Starter Templates by FancyWP<= 2.0.0 Cross Site Request Forgery (CSRF)	14.4	9.6	Jan 10, 2025

Report vulnerabilities to earn bounties and rewards!

Include pending