About Alliance Leaderboard Vulnerability database WordPress security
Login

Muhammad Daffa

0
1
1
2
Alliance XP
494.2
Contributions
89
Contributions 89
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

Plugin

Meks Video Importer <= 1.0.10 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 September, 2023

Plugin

Meks Time Ago <= 1.1.6 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 September, 2023

Plugin

Meks ThemeForest Smart Widget <= 1.4 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 September, 2023

Plugin

Meks Smart Author Widget <= 1.1.3 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

5 September, 2023

Plugin

Meks Audio Player <= 1.2 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 September, 2023

Plugin

Meks Easy Maps <= 2.1.3 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 September, 2023

Plugin

Meks Easy Photo Feed Widget <= 1.2.7 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

5 September, 2023

Plugin

Meks Simple Flickr Widget <= 1.2 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

5 September, 2023

Plugin

Meks Easy Ads Widget <= 2.0.7 Cross Site Request Forgery (CSRF) vulnerability

+2.15 AXP

4.3

5 September, 2023

Plugin

Royal Elementor Addons <= 1.3.75 Multiple Cross Site Request Forgery (CSRF)

+17.2 AXP

4.3

22 August, 2023

Plugin

Meks Smart Social Widget <= 1.6 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

26 July, 2023

Plugin

WooLentor <= 2.6.2 Cross Site Request Forgery (CSRF) vulnerability

+12.9 AXP

4.3

5 July, 2023

Plugin

Visibility Logic for Elementor <= 2.3.4 Cross Site Request Forgery (CSRF)

+8.6 AXP

4.3

5 July, 2023

Plugin

Enhanced Text Widget <= 1.5.8 Broken Access Control vulnerability

+12.9 AXP

4.3

28 June, 2023

Plugin

Product Gallery Slider for WooCommerce <= 2.2.8 CrossSite Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

25 May, 2023

Plugin

Custom Twitter Feeds (Tweets Widget) <= 1.8.4 CrossSite Request Forgery (CSRF) vulnerability

5.4

25 May, 2023

Plugin

Performance Lab <= 2.2.0 Cross Site Request Forgery (CSRF)

+8.6 AXP

4.3

18 May, 2023

Plugin

Simple Share Buttons Adder <= 8.4.8 Cross Site Request Forgery (CSRF)

+12.9 AXP

4.3

19 April, 2023

Plugin

Ninja Tables <= 4.3.4 Cross Site Scripting (XSS)

+0 AXP

5.9

19 April, 2023

Plugin

Ninja Tables <= 4.3.4 Cross Site Request Forgery (CSRF)

+12.9 AXP

4.3

19 April, 2023

Plugin

ShopEngine <= 4.1.1 CrossSite Request Forgery (CSRF) vulnerability

+5.4 AXP

5.4

19 April, 2023

Plugin

YellowPencil Visual CSS Style Editor <= 7.5.8 Auth. Reflected CrossSite Scripting (XSS) vulnerability

+0 AXP

4.0

18 April, 2023

Plugin

Themify Portfolio Post <= 1.2.4 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.1

18 April, 2023

Plugin

Custom Order Numbers for WooCommerce <= 1.4.0 CrossSite Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

14 April, 2023

Plugin

Shortlinks by Pretty Links <= 3.4.0 CrossSite Request Forgery (CSRF)

+21.5 AXP

4.3

13 April, 2023

Plugin

Health Check & Troubleshooting <= 1.5.1 Cross Site Request Forgery (CSRF)

+21 AXP

4.3

6 April, 2023

Plugin

Happy Addons for Elementor <= 3.8.2 Cross Site Request Forgery (CSRF) vulnerability

+21.5 AXP

4.3

29 March, 2023

Plugin

Popup Anything <= 2.2.1 CrossSite Request Forgery (CSRF) vulnerability

+0 AXP

4.3

28 March, 2023

Plugin

Product Feed PRO for WooCommerce <= 12.4.4 CrossSite Request Forgery (CSRF) vulnerability

+21.6 AXP

5.4

22 March, 2023

Plugin

WordPress Ping Optimizer <= 2.35.1.2.3 CrossSite Request Forgery (CSRF) vulnerability

5.4

16 March, 2023

Plugin

WooCommerce Weight Based Shipping <= 5.4.1 Cross Site Request Forgery (CSRF) Vulnerability

+12.9 AXP

4.3

13 March, 2023

Plugin

Print Invoice & Delivery Notes for WooCommerce <= 4.7.2 CSRF Plugin Settings Reset vulnerability

+13 AXP

6.5

13 March, 2023

Plugin

When Last Login <= 1.2.1 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

2 March, 2023

Plugin

WP Meteor Page Speed Optimization Topping <= 3.1.4 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

28 February, 2023

Plugin

The Post Grid <= 5.0.4 Cross Site Request Forgery (CSRF)

+8.6 AXP

4.3

20 February, 2023

Plugin

Starter Templates <= 3.1.20 Cross Site Request Forgery (CSRF)

+30.1 AXP

4.3

20 February, 2023

Plugin

WP Table Builder – WordPress Table Plugin <= 1.4.6 Cross Site Scripting (XSS)

+0 AXP

5.9

20 February, 2023

Plugin

TeraWallet – For WooCommerce <= 1.3.24 Cross Site Request Forgery (CSRF)

5.4

15 February, 2023

Plugin

Void Contact Form 7 Widget For Elementor Page Builder <= 2.1.1 Cross Site Request Forgery (CSRF)

+8.6 AXP

4.3

12 February, 2023

Plugin

Responsive Pricing Table <= 5.1.6 Auth. CrossSite Scripting (XSS) vulnerability

+6.5 AXP

6.5

7 February, 2023

Plugin

A2 Optimized WP <= 3.0.4 Cross Site Request Forgery (CSRF) vulnerability

+12.9 AXP

4.3

6 February, 2023

Plugin

CURCY <= 2.1.25 Unauthenticated plugin settings change vulnerability

+6.5 AXP

6.5

6 February, 2023

Plugin

WooLentor <= 2.5.1 CSRF Leading to Plugin Settings Change Vulnerability

+16.2 AXP

5.4

6 February, 2023

Plugin

Conversios.io <= 5.2.3 Cross Site Request Forgery (CSRF)

+16.2 AXP

5.4

6 February, 2023

Plugin

Mercado Pago payments for WooCommerce <= 6.3.1 CrossSite Request Forgery (CSRF) vulnerability

+17.2 AXP

4.3

6 February, 2023

Plugin

Mercado Pago payments for WooCommerce <= 6.3.1 CrossSite Request Forgery (CSRF) vulnerability

+21.6 AXP

5.4

6 February, 2023

Plugin

Visualizer <= 3.9.1 Auth. CrossSite Scripting (XSS) vulnerability

+13 AXP

6.5

6 February, 2023

Plugin

Flexible Elementor Panel <= 2.3.8 CrossSite Request Forgery (CSRF) vulnerability

+8.6 AXP

4.3

2 February, 2023

Plugin

Side Cart Woocommerce (Ajax) < 2.1 CrossSite Request Forgery (CSRF) vulnerability

+12.9 AXP

4.3

2 February, 2023

Plugin

Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.48 Cross Site Scripting (XSS)

+0 AXP

5.9

27 January, 2023

Plugin

WooCommerce PDF Invoices & Packing Slips <= 3.2.5 Cross Site Request Forgery (CSRF)

+21.5 AXP

4.3

27 January, 2023

Plugin

Exclusive Addons Elementor <= 2.6.1 CrossSite Request Forgery (CSRF) vulnerability

+8.6 AXP

4.3

27 January, 2023

Plugin

PixelYourSite – Your smart PIXEL (TAG) Manager <= 9.3.0 Cross Site Request Forgery (CSRF) vulnerability

+21.5 AXP

4.3

20 January, 2023

Plugin

AdRotate Banner Manager <= 5.9 Multiple CrossSite Request Forgery (CSRF) vulnerabilities

5.4

11 November, 2022

Plugin

Content Egg <= 5.4.0 CrossSite Request Forgery (CSRF) vulnerability

4.3

31 October, 2022

Plugin

TeraWallet – For WooCommerce <= 1.3.24 CrossSite Request Forgery (CSRF) vulnerability

5.4

30 October, 2022

Plugin

Advanced Coupons for WooCommerce Coupons <= 4.5 CrossSite Request Forgery (CSRF) vulnerability

5.4

30 October, 2022

Plugin

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 CrossSite Request Forgery (CSRF) vulnerability

5.4

30 October, 2022

Plugin

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 CrossSite Request Forgery (CSRF) vulnerability

5.4

30 October, 2022

Plugin

Custom Product Tabs for WooCommerce <= 1.7.9 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

30 October, 2022

Plugin

Booster for WooCommerce <= 5.6.6 CrossSite Request Forgery (CSRF) vulnerability

5.4

28 October, 2022

Plugin

Creative Mail <= 1.5.4 CrossSite Request Forgery (CSRF) vulnerability

5.4

28 October, 2022

Plugin

Creative Mail <= 1.5.4 CrossSite Request Forgery (CSRF) vulnerability

5.4

28 October, 2022

Plugin

Backup Guard <= 1.6.9.0 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.8

27 October, 2022

Plugin

Analytify <= 4.2.2 CrossSite Request Forgery (CSRF) vulnerability

4.3

29 September, 2022

Plugin

Advanced Ads – Ad Manager & AdSense <= 1.31.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

28 September, 2022

Plugin

Manage Notification E-mails <= 1.8.2 CrossSite Request Forgery (CSRF) vulnerability

+0 AXP

4.3

27 September, 2022

Plugin

WP Page Widget <= 3.9 CrossSite Request Forgery (CSRF) vulnerability

5.4

26 September, 2022

Plugin

Seriously Simple Podcasting <= 2.16.0 CrossSite Request Forgery (CSRF) vulnerability

5.4

23 September, 2022

Plugin

SEO Redirection <= 8.9 CrossSite Request Forgery (CSRF) vulnerability

5.4

23 September, 2022

Plugin

MailOptin <= 1.2.49.0 Unauthenticated Optin Campaign Cache Deletion vulnerability

6.5

23 September, 2022

Plugin

Customer Reviews for WooCommerce <= 5.3.5 Authenticated Broken Access Control vulnerability

4.3

22 September, 2022

Plugin

Customer Reviews for WooCommerce <= 5.3.5 CrossSite Request Forgery (CSRF) vulnerability

4.3

22 September, 2022

Plugin

Customer Reviews for WooCommerce <= 5.3.5 Sensitive Information Disclosure vulnerability

5.3

22 September, 2022

Plugin

Advanced Dynamic Pricing for WooCommerce <= 4.1.3 CrossSite Request Forgery (CSRF) vulnerability

5.4

14 September, 2022

Plugin

Booking Calendar <= 9.2.1 CrossSite Request Forgery (CSRF) leading to Translations Update

5.4

6 September, 2022

Plugin

WP Shamsi <= 4.1.1 Authenticated Plugin Setting change vulnerability

4.3

5 September, 2022

Plugin

Video Gallery <= 1.3.4.5 Broken Authentication

4.3

22 August, 2022

Plugin

Search Exclude <= 1.2.6 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

22 August, 2022

Plugin

MaxButtons <= 9.2 Authenticated Stored CrossSite Scripting (XSS) vulnerability

3.4

2 August, 2022

Plugin

MaxButtons <= 9.2 Multiple CrossSite Request Forgery (CSRF) vulnerabilities

4.3

2 August, 2022

Plugin

Download Manager <= 3.2.48 CrossSite Request Forgery (CSRF) vulnerability

4.2

2 August, 2022

Plugin

MailerLite – Signup forms <= 1.5.7 CrossSite Request Forgery (CSRF) vulnerability

6.3

1 August, 2022

Plugin

Modern Events Calendar Lite <= 6.5.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

3.4

14 April, 2022

Plugin

WPvivid Backup and Migration <= 0.9.70 Arbitrary File Read vulnerability

2.7

7 April, 2022

Plugin

wpDataTables <= 2.1.27 Stored CrossSite Scripting (XSS) vulnerability

3.4

4 April, 2022

Plugin

WP Content Copy Protection & No Right Click <= 3.4.4 CrossSite Request Forgery (CSRF) leads to Settings Update vulnerability

4.3

16 February, 2022

Plugin

wpDiscuz <= 7.3.11 Sensitive Information Disclosure

3.7

10 February, 2022

Plugin

Charitable <= 1.6.50 Authenticated Stored CrossSite Scripting (XSS) vulnerability

5.4

21 July, 2021

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close