Muhammad Daffa

Twitter Github Website

28.11.2022

Alliance XP

480.7

Contributions

Contributions 85

Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

████

█████████████████████ █████ █████████████████████████████████████████████████

+21.6 AXP

5.4

Pending

████

██████████████ █████ █████████████████████████████████████████████████

+4.3 AXP

4.3

Pending

████

███████ █████ █████████████████████████████████████████████████

+4.3 AXP

4.3

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+5.4 AXP

5.4

Pending

████

██████████████ █████ ███████████████████████████████████

+17.2 AXP

4.3

Pending

████

█████████████████████ █████ ████████████████████████████████████████████████████████

+8.6 AXP

4.3

Pending

████

█████████████████████ █████ ███████████████████████████████████

+12.9 AXP

4.3

Pending

████

██████████████ █████ ████████████████████████████████████████████████████████

+8.6 AXP

4.3

Pending

████

+12.9 AXP

4.3

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+21.5 AXP

4.3

Pending

████

███████ █████ █████████████████████████████████████████████████

+0 AXP

5.9

Pending

████

██████████████ █████ ██████████████████████████████████████████

+12.9 AXP

4.3

Pending

████

███████ █████ █████████████████████████████████████████████████

+21.5 AXP

4.3

Pending

████

██████████████ █████ ███████████████████████████████████

+21 AXP

4.3

Pending

████

██████████████ █████ ████████████████████████████████████████████████████████

+12.9 AXP

4.3

Pending

████

███████ █████ ████████████████████████████████████████████████████████

+4.3 AXP

4.3

Pending

████

+4.3 AXP

4.3

Pending

████

███████ █████ █████████████████████████████████████████████████

+4.3 AXP

4.3

Pending

████

███████ █████ █████████████████████████████████████████████████

+2.15 AXP

4.3

Pending

████

███████ █████ █████████████████████████████████████████████████

+2.15 AXP

4.3

Pending

████

█████████████████████ █████ ██████████████████████████████████████████

+2.15 AXP

4.3

Pending

████

███████ █████ ███████████████████████████████████

+4.3 AXP

4.3

Pending

████

███████ █████ ██████████████████████████████████████████

+2.15 AXP

4.3

Pending

████

███████ █████ ██████████████████████████████████████████

+2.15 AXP

4.3

Pending

████

+2.15 AXP

4.3

Pending

Plugin

WordPress Ping Optimizer <= 2.35.1.2.3 CrossSite Request Forgery (CSRF) vulnerability

5.4

3 days ago

Plugin

WooCommerce Weight Based Shipping <= 5.4.1 Cross Site Request Forgery (CSRF) Vulnerability

+12.9 AXP

4.3

6 days ago

Plugin

Print Invoice & Delivery Notes for WooCommerce <= 4.7.2 CSRF Plugin Settings Reset vulnerability

+13 AXP

6.5

6 days ago

Plugin

When Last Login <= 1.2.1 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

02.03.2023

Plugin

WP Meteor Page Speed Optimization Topping <= 3.1.4 Cross Site Request Forgery (CSRF) vulnerability

+4.3 AXP

4.3

28.02.2023

Plugin

The Post Grid <= 5.0.4 Cross Site Request Forgery (CSRF)

+8.6 AXP

4.3

20.02.2023

Plugin

Starter Templates <= 3.1.20 Cross Site Request Forgery (CSRF)

+30.1 AXP

4.3

20.02.2023

Plugin

WP Table Builder – WordPress Table Plugin <= 1.4.6 Cross Site Scripting (XSS)

+0 AXP

5.9

20.02.2023

Plugin

TeraWallet – For WooCommerce <= 1.3.24 Cross Site Request Forgery (CSRF)

5.4

15.02.2023

Plugin

Void Contact Form 7 Widget For Elementor Page Builder <= 2.1.1 Cross Site Request Forgery (CSRF)

+8.6 AXP

4.3

12.02.2023

Plugin

Responsive Pricing Table <= 5.1.6 Auth. CrossSite Scripting (XSS) vulnerability

+6.5 AXP

6.5

07.02.2023

Plugin

A2 Optimized WP <= 3.0.4 Cross Site Request Forgery (CSRF) vulnerability

+12.9 AXP

4.3

06.02.2023

Plugin

CURCY <= 2.1.25 Unauthenticated plugin settings change vulnerability

+6.5 AXP

6.5

06.02.2023

Plugin

WooLentor <= 2.5.1 CSRF Leading to Plugin Settings Change Vulnerability

+16.2 AXP

5.4

06.02.2023

Plugin

Conversios.io <= 5.2.3 Cross Site Request Forgery (CSRF)

+16.2 AXP

5.4

06.02.2023

Plugin

Mercado Pago payments for WooCommerce <= 6.3.1 CrossSite Request Forgery (CSRF) vulnerability

+17.2 AXP

4.3

06.02.2023

Plugin

Mercado Pago payments for WooCommerce <= 6.3.1 CrossSite Request Forgery (CSRF) vulnerability

+21.6 AXP

5.4

06.02.2023

Plugin

Visualizer <= 3.9.1 Auth. CrossSite Scripting (XSS) vulnerability

+13 AXP

6.5

06.02.2023

Plugin

Flexible Elementor Panel <= 2.3.8 CrossSite Request Forgery (CSRF) vulnerability

+8.6 AXP

4.3

02.02.2023

Plugin

Side Cart Woocommerce (Ajax) < 2.1 CrossSite Request Forgery (CSRF) vulnerability

+12.9 AXP

4.3

02.02.2023

Plugin

Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.48 Cross Site Scripting (XSS)

+0 AXP

5.9

27.01.2023

Plugin

WooCommerce PDF Invoices & Packing Slips <= 3.2.5 Cross Site Request Forgery (CSRF)

+21.5 AXP

4.3

27.01.2023

Plugin

Exclusive Addons Elementor <= 2.6.1 CrossSite Request Forgery (CSRF) vulnerability

+8.6 AXP

4.3

27.01.2023

Plugin

PixelYourSite – Your smart PIXEL (TAG) Manager <= 9.3.0 Cross Site Request Forgery (CSRF) vulnerability

+21.5 AXP

4.3

20.01.2023

Plugin

AdRotate Banner Manager <= 5.9 Multiple CrossSite Request Forgery (CSRF) vulnerabilities

5.4

11.11.2022

Plugin

Content Egg <= 5.4.0 CrossSite Request Forgery (CSRF) vulnerability

4.3

31.10.2022

Plugin

TeraWallet – For WooCommerce <= 1.3.24 CrossSite Request Forgery (CSRF) vulnerability

5.4

30.10.2022

Plugin

Advanced Coupons for WooCommerce Coupons <= 4.5 CrossSite Request Forgery (CSRF) vulnerability

5.4

30.10.2022

Plugin

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 CrossSite Request Forgery (CSRF) vulnerability

5.4

30.10.2022

Plugin

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 CrossSite Request Forgery (CSRF) vulnerability

5.4

30.10.2022

Plugin

Custom Product Tabs for WooCommerce <= 1.7.9 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

30.10.2022

Plugin

Booster for WooCommerce <= 5.6.6 CrossSite Request Forgery (CSRF) vulnerability

5.4

28.10.2022

Plugin

Creative Mail <= 1.5.4 CrossSite Request Forgery (CSRF) vulnerability

5.4

28.10.2022

Plugin

Creative Mail <= 1.5.4 CrossSite Request Forgery (CSRF) vulnerability

5.4

28.10.2022

Plugin

Backup Guard <= 1.6.9.0 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.8

27.10.2022

Plugin

Analytify <= 4.2.2 CrossSite Request Forgery (CSRF) vulnerability

4.3

29.09.2022

Plugin

Advanced Ads – Ad Manager & AdSense <= 1.31.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

28.09.2022

Plugin

Manage Notification E-mails <= 1.8.2 CrossSite Request Forgery (CSRF) vulnerability

+0 AXP

4.3

27.09.2022

Plugin

WP Page Widget <= 3.9 CrossSite Request Forgery (CSRF) vulnerability

5.4

26.09.2022

Plugin

Seriously Simple Podcasting <= 2.16.0 CrossSite Request Forgery (CSRF) vulnerability

5.4

23.09.2022

Plugin

SEO Redirection <= 8.9 CrossSite Request Forgery (CSRF) vulnerability

5.4

23.09.2022

Plugin

MailOptin <= 1.2.49.0 Unauthenticated Optin Campaign Cache Deletion vulnerability

6.5

23.09.2022

Plugin

Customer Reviews for WooCommerce <= 5.3.5 Authenticated Broken Access Control vulnerability

4.3

22.09.2022

Plugin

Customer Reviews for WooCommerce <= 5.3.5 CrossSite Request Forgery (CSRF) vulnerability

4.3

22.09.2022

Plugin

Customer Reviews for WooCommerce <= 5.3.5 Sensitive Information Disclosure vulnerability

5.3

22.09.2022

Plugin

Advanced Dynamic Pricing for WooCommerce <= 4.1.3 CrossSite Request Forgery (CSRF) vulnerability

5.4

14.09.2022

Plugin

Booking Calendar <= 9.2.1 CrossSite Request Forgery (CSRF) leading to Translations Update

5.4

06.09.2022

Plugin

WP Shamsi <= 4.1.1 Authenticated Plugin Setting change vulnerability

4.3

05.09.2022

Plugin

Video Gallery <= 1.3.4.5 Broken Authentication

4.3

22.08.2022

Plugin

Search Exclude <= 1.2.6 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

22.08.2022

Plugin

MaxButtons <= 9.2 Authenticated Stored CrossSite Scripting (XSS) vulnerability

3.4

02.08.2022

Plugin

MaxButtons <= 9.2 Multiple CrossSite Request Forgery (CSRF) vulnerabilities

4.3

02.08.2022

Plugin

Download Manager <= 3.2.48 CrossSite Request Forgery (CSRF) vulnerability

4.2

02.08.2022

Plugin

MailerLite – Signup forms <= 1.5.7 CrossSite Request Forgery (CSRF) vulnerability

6.3

01.08.2022

Plugin

Modern Events Calendar Lite <= 6.5.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

3.4

14.04.2022

Plugin

WPvivid Backup and Migration <= 0.9.70 Arbitrary File Read vulnerability

2.7

07.04.2022

Plugin

wpDataTables <= 2.1.27 Stored CrossSite Scripting (XSS) vulnerability

3.4

04.04.2022

Plugin

WP Content Copy Protection & No Right Click <= 3.4.4 CrossSite Request Forgery (CSRF) leads to Settings Update vulnerability

4.3

16.02.2022

Plugin

wpDiscuz <= 7.3.11 Sensitive Information Disclosure

3.7

10.02.2022

Plugin

Charitable <= 1.6.50 Authenticated Stored CrossSite Scripting (XSS) vulnerability

5.4

21.07.2021

Include pending

Muhammad Daffa

Anonymous Guy

Solutions

WordPress security

Patchstack

Social

Solutions

WordPress security

Patchstack

Social

Muhammad Daffa

Anonymous Guy

Solutions

WordPress security

Patchstack

Social

Solutions

WordPress security

Patchstack

Social

Let us know if we have missed a vulnerability reported elsewhere

Thank you for contributing!