Muhammad Daffa

Say thanks

633.89

XP

97

Reports

0

Reports, last 90 days

#9

15 Dec, 2025
Lvl 3
0
1
1
2
Website
X
GitHub
Affected software | Vulnerability
CVE
AXP
Severity
Reported
Pinpoint Booking System<= 2.9.9.5.7
Broken Access Control
6.3
6.3
Aug 1, 2024
Pinpoint Booking System<= 2.9.9.5.7
Cross Site Request Forgery (CSRF)
10.8
5.4
Aug 1, 2024
Edwiser Bridge<= 3.0.7
Server Side Request Forgery (SSRF)
4.9
4.9
Aug 2, 2024
Edwiser Bridge<= 3.0.7
Cross Site Scripting (XSS)
6.5
6.5
Aug 2, 2024
WordPress Portfolio Builder – Portfolio Gallery<= 1.1.7
Cross Site Scripting (XSS)
4.88
6.5
Aug 4, 2024
Like Button Rating<= 2.6.53
Cross Site Request Forgery (CSRF)
3.55
7.1
Aug 6, 2024
EasyJobs<= 2.4.14
Cross Site Request Forgery (CSRF)
3.55
7.1
Aug 6, 2024
Podlove Podcast Publisher<= 4.1.13
Cross Site Request Forgery (CSRF)
4.8
9.6
Aug 5, 2024
Podlove Podcast Publisher<= 4.1.13
Cross Site Scripting (XSS)
4.88
6.5
Aug 5, 2024
GetPaid<= 2.8.11
Broken Access Control
3.23
4.3
Aug 6, 2024
WPMobile.App<= 11.48
Cross Site Request Forgery (CSRF)
8.6
7.1
Aug 4, 2024
Print Barcode Labels for your WooCommerce products/orders<= 3.4.9
Broken Access Control
6.5
6.5
Aug 2, 2024
WP Telegram Widget and Join Link<= 2.1.27
Cross Site Scripting (XSS)
4.88
6.5
Aug 4, 2024
Event Management Tickets Booking<= 1.4.3
Sensitive Data Exposure
10.6
5.3
Oct 27, 2023
Contact Form Widget<= 1.3.9
Sensitive Data Exposure
10.6
5.3
Oct 27, 2023
Realtyna Organic IDX plugin<= 4.14.4
Cross Site Scripting (XSS)
14.2
7.1
Oct 25, 2023
Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIAN<= 1.1.12
SQL Injection
N/A
7.6
Oct 26, 2023
CBX Bookmark & Favorite<= 1.7.20
SQL Injection
N/A
7.6
Oct 25, 2023
User Activity Log<= 1.9
SQL Injection
N/A
7.6
Oct 19, 2023
Edwiser Bridge<= 3.0.2
SQL Injection
N/A
7.6
Oct 25, 2023
10Web Map Builder for Google Maps<= 1.0.74
SQL Injection
N/A
7.6
Oct 24, 2023
Paid Memberships Pro – Mailchimp Add On<= 2.3.4
Sensitive Data Exposure
10.6
5.3
Nov 9, 2023
WordPress Announcement & Notification Banner Plugin – Bulletin<= 3.8.5
SQL Injection
N/A
7.6
Oct 25, 2023
Albo Pretorio Online<= 4.6.6
Sensitive Data Exposure
10.6
5.3
Oct 27, 2023
Recipe Maker For Your Food Blog from Zip Recipes<= 8.1.0
SQL Injection
8.55
7.6
Oct 25, 2023
Product Feed Manager<= 7.3.15
Directory Traversal
N/A
5.5
Oct 23, 2023
Events Shortcodes & Templates For The Events Calendar<= 2.3.1
SQL Injection
8.55
7.6
Oct 20, 2023
WS Form LITE<= 1.9.170
SQL Injection
N/A
7.6
Oct 25, 2023
GEO my WordPress<= 4.0.2
SQL Injection
N/A
7.6
Oct 25, 2023
Most And Least Read Posts Widget<= 2.5.16
SQL Injection
9.56
8.5
Oct 25, 2023
WP Adminify<= 3.1.6
SQL Injection
N/A
7.6
Oct 25, 2023
Page Generator<= 1.7.1
SQL Injection
N/A
7.6
Oct 25, 2023
eCommerce Product Catalog<= 3.3.26
Sensitive Data Exposure
10.6
5.3
Nov 9, 2023
Product Catalog Simple<= 1.7.6
Sensitive Data Exposure
10.6
5.3
Nov 9, 2023
FunnelKit Automations<= 2.6.1
SQL Injection
N/A
7.6
Oct 19, 2023
Funnel Builder by FunnelKit<= 2.14.3
SQL Injection
N/A
7.6
Oct 23, 2023
Pre* Party Resource Hints<= 1.8.19
SQL Injection
N/A
7.6
Oct 26, 2023
Squirrly SEO - Advanced Pack< 2.4.02
SQL Injection
N/A
7.6
Nov 6, 2023
Advanced Form Integration<= 1.75.0
SQL Injection
N/A
7.6
Oct 23, 2023
BookIt<= 2.4.3
SQL Injection
N/A
7.6
Oct 18, 2023
Simply Schedule Appointments< 1.6.6.1
SQL Injection
N/A
7.6
Oct 18, 2023
e2pdf<= 1.20.23
SQL Injection
N/A
7.6
Oct 18, 2023
404 Solution<= 2.34.0
SQL Injection
N/A
7.6
Oct 18, 2023
Welcart e-Commerce<= 2.9.3
SQL Injection
5.7
7.6
Oct 17, 2023
RegistrationMagic<= 5.2.4.5
SQL Injection
N/A
7.6
Oct 18, 2023
GeoDirectory<= 2.3.28
SQL Injection
N/A
7.6
Oct 17, 2023
WP Mail Catcher<= 2.1.3
SQL Injection
N/A
7.6
Oct 17, 2023
Cookie Bar<= 2.0
Cross Site Scripting (XSS)
N/A
5.9
Oct 17, 2023
Link Whisper Free<= 0.6.5
SQL Injection
19.13
8.5
Oct 19, 2023
Quick Call Button<= 1.2.9
Cross Site Scripting (XSS)
N/A
5.9
Oct 17, 2023
iPages Flipbook<= 1.4.8
SQL Injection
N/A
7.6
Oct 25, 2023
ImageLinks Interactive Image Builder<= 1.5.4
SQL Injection
N/A
7.6
Oct 25, 2023
Store Exporter<= 2.7.2
Cross Site Scripting (XSS)
14.2
7.1
Oct 23, 2023
GD Security Headers<= 1.7
SQL Injection
N/A
7.6
Oct 25, 2023
ICS Calendar<= 10.12.0.3
Arbitrary File Download
9.23
8.2
Oct 18, 2023
Table of Contents Plus<= 2302
Cross Site Request Forgery (CSRF)
13.5
5.4
Aug 27, 2023
Meks Video Importer<= 1.0.10
Cross Site Request Forgery (CSRF)
2.15
4.3
Feb 20, 2023
Meks Time Ago<= 1.1.6
Cross Site Request Forgery (CSRF)
2.15
4.3
Feb 20, 2023
Meks ThemeForest Smart Widget<= 1.4
Cross Site Request Forgery (CSRF)
2.15
4.3
Feb 20, 2023
Meks Smart Author Widget<= 1.1.3
Cross Site Request Forgery (CSRF)
4.3
4.3
Feb 20, 2023
Meks Audio Player<= 1.2
Cross Site Request Forgery (CSRF)
2.15
4.3
Feb 20, 2023
Meks Easy Maps<= 2.1.3
Cross Site Request Forgery (CSRF)
2.15
4.3
Feb 20, 2023
Meks Easy Photo Feed Widget<= 1.2.7
Cross Site Request Forgery (CSRF)
4.3
4.3
Feb 20, 2023
Meks Simple Flickr Widget<= 1.2
Cross Site Request Forgery (CSRF)
4.3
4.3
Feb 19, 2023
Meks Easy Ads Widget<= 2.0.7
Cross Site Request Forgery (CSRF)
2.15
4.3
Feb 20, 2023
Royal Elementor Addons<= 1.3.75
Cross Site Request Forgery (CSRF)
17.2
4.3
Dec 9, 2022
Meks Smart Social Widget<= 1.6
Cross Site Request Forgery (CSRF)
4.3
4.3
Feb 19, 2023
ShopLentor<= 2.6.2
Cross Site Request Forgery (CSRF)
12.9
4.3
Dec 9, 2022
Visibility Logic for Elementor<= 2.3.4
Cross Site Request Forgery (CSRF)
8.6
4.3
Dec 9, 2022
Enhanced Text Widget<= 1.5.8
Broken Access Control
12.9
4.3
Jan 10, 2023
Product Gallery Slider for WooCommerce<= 2.2.8
Cross Site Request Forgery (CSRF)
4.3
4.3
Nov 11, 2022
Custom Twitter Feeds (Tweets Widget)<= 1.8.4
Cross Site Request Forgery (CSRF)
N/A
5.4
No date
Performance Lab<= 2.2.0
Cross Site Request Forgery (CSRF)
8.6
4.3
Dec 10, 2022
Simple Share Buttons Adder<= 8.5.2
Cross Site Request Forgery (CSRF)
12.9
4.3
Dec 10, 2022
Ninja Tables<= 4.3.4
Cross Site Scripting (XSS)
N/A
5.9
Dec 12, 2022
Ninja Tables<= 4.3.4
Cross Site Request Forgery (CSRF)
12.9
4.3
Dec 12, 2022
ShopEngine<= 4.1.1
Cross Site Request Forgery (CSRF)
5.4
5.4
Nov 11, 2022
YellowPencil Visual CSS Style Editor<= 7.5.8
Cross Site Scripting (XSS)
N/A
4
No date
Themify Portfolio Post<= 1.2.4
Cross Site Scripting (XSS)
6.5
4.1
Jan 28, 2022
Custom Order Numbers for WooCommerce<= 1.4.0
Cross Site Request Forgery (CSRF)
4.3
4.3
Nov 11, 2022
Shortlinks by Pretty Links<= 3.4.0
Cross Site Request Forgery (CSRF)
21.5
4.3
Dec 10, 2022
Health Check & Troubleshooting<= 1.5.1
Cross Site Request Forgery (CSRF)
21
4.3
Dec 14, 2022
Happy Addons for Elementor<= 3.8.2
Cross Site Request Forgery (CSRF)
21.5
4.3
Dec 13, 2022
Popup Anything<= 2.2.1
Cross Site Request Forgery (CSRF)
N/A
4.3
Apr 14, 2022
Product Feed PRO for WooCommerce<= 12.4.4
Cross Site Request Forgery (CSRF)
21.6
5.4
Sep 30, 2022
WordPress Ping Optimizer<= 2.35.1.2.3
Cross Site Request Forgery (CSRF)
N/A
5.4
No date
WooCommerce Weight Based Shipping<= 5.4.1
Cross Site Request Forgery (CSRF)
12.9
4.3
Oct 3, 2022
Print Invoice & Delivery Notes for WooCommerce<= 4.7.2
Cross Site Request Forgery (CSRF)
13
6.5
Sep 30, 2022
When Last Login<= 1.2.1
Cross Site Request Forgery (CSRF)
4.3
4.3
Feb 19, 2023
WP Meteor Page Speed Optimization Topping<= 3.1.4
Cross Site Request Forgery (CSRF)
4.3
4.3
Feb 19, 2023
The Post Grid<= 5.0.4
Cross Site Request Forgery (CSRF)
8.6
4.3
Dec 9, 2022
Starter Templates<= 3.1.20
Cross Site Request Forgery (CSRF)
30.1
4.3
Dec 9, 2022
WP Table Builder<= 1.4.6
Cross Site Scripting (XSS)
N/A
5.9
Dec 11, 2022
TeraWallet – For WooCommerce<= 1.3.24
Cross Site Request Forgery (CSRF)
N/A
5.4
No date
Void Contact Form 7 Widget For Elementor Page Builder<= 2.1.1
Cross Site Request Forgery (CSRF)
8.6
4.3
Dec 9, 2022
Responsive Pricing Table<= 5.1.6
Cross Site Scripting (XSS)
6.5
6.5
Dec 11, 2022
A2 Optimized WP<= 3.0.4
Cross Site Request Forgery (CSRF)
12.9
4.3
Jan 10, 2023
CURCY<= 2.1.25
Broken Access Control
6.5
6.5
Sep 30, 2022
ShopLentor<= 2.5.1
Cross Site Request Forgery (CSRF)
16.2
5.4
Oct 3, 2022
Conversios.io<= 5.2.3
Cross Site Request Forgery (CSRF)
16.2
5.4
Oct 3, 2022

Report vulnerabilities to earn bounties and rewards!

Read more