SOPROBRO

3,771.88

XP

749

Reports

0

Reports, last 90 days

#25

3 Apr, 2026

🇬🇧

Lvl 6

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Portfolio Manager Lite<= 1.20 Cross Site Scripting (XSS)	14.2	7.1	06/10/2024
Toggles Shortcode and Widget<= 1.14 Cross Site Scripting (XSS)	14.2	7.1	06/10/2024
Info Boxes Shortcode and Widget<= 1.15 Cross Site Scripting (XSS)	14.2	7.1	06/10/2024
Popping Sidebars and Widgets Light<= 1.27 Cross Site Scripting (XSS)	14.2	7.1	06/10/2024
OTW TinyMCE Widget<= 1.7 Cross Site Scripting (XSS)	14.2	7.1	06/10/2024
Quotes Shortcode and Widget<= 1.14 Cross Site Scripting (XSS)	14.2	7.1	05/10/2024
Dropcaps Shortcode and Widget<= 1.8 Cross Site Scripting (XSS)	14.2	7.1	05/10/2024
Post Custom Templates Lite<= 1.14 Cross Site Scripting (XSS)	14.2	7.1	06/10/2024
IP2Location Variables<= 2.9.5 Cross Site Request Forgery (CSRF)	3.55	7.1	06/10/2024
WP_DEBUG Toggle<= 1.1 Cross Site Scripting (XSS)	14.2	7.1	15/12/2024
Related Videos for JW Player<= 1.2.0 Cross Site Scripting (XSS)	14.2	7.1	26/10/2024
Codescar Radio Widget<= 0.4.2 Cross Site Request Forgery (CSRF)	3.55	7.1	06/10/2024
Rentsyst<= 2.0.92 Cross Site Request Forgery (CSRF)	3.55	7.1	09/10/2024
ePaper Lister for Yumpu<= 1.4.0 Cross Site Request Forgery (CSRF)	3.55	7.1	11/10/2024
Link Shield<= 0.5.4 Cross Site Request Forgery (CSRF)	3.55	7.1	12/10/2024
MultiMailer<= 1.0.3 Cross Site Request Forgery (CSRF)	3.55	7.1	13/10/2024
ALD Login Page<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	29/10/2024
SEO, Nutrition and Print for Recipes by Edamam<= 3.3 Cross Site Request Forgery (CSRF)	3.55	7.1	11/12/2024
WP Calais Auto Tagger<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	15/12/2024
Popping Content Light<= 2.4 Cross Site Scripting (XSS)	14.2	7.1	05/10/2024
QR Master<= 1.0.5 Cross Site Scripting (XSS)	14.2	7.1	05/10/2024
Widgetize Pages Light<= 3.0 Cross Site Scripting (XSS)	14.2	7.1	06/10/2024
Rollbar<= 2.7.1 Cross Site Request Forgery (CSRF)	2.7	5.4	26/08/2024
Simple WP Events<= 1.8.17 Cross Site Scripting (XSS)	4.88	6.5	02/10/2024
Search, Filters & Merchandising for WooCommerce<= 3.0.58 Cross Site Scripting (XSS)	4.88	6.5	05/12/2024
Libro de Reclamaciones y Quejas<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	23/09/2024
Sidebar Manager Light<= 1.18 Cross Site Request Forgery (CSRF)	3.55	7.1	20/09/2024
Botnet Attack Blocker<= 2.0.0 Cross Site Scripting (XSS)	6.5	6.5	06/12/2024
Advanced Typekit<= 1.0.1 Cross Site Scripting (XSS)	6.5	6.5	16/12/2024
Lexicata<= 1.0.16 Cross Site Scripting (XSS)	14.2	7.1	08/10/2024
Ebook Downloader<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	15/12/2024
Ebook Downloader<= 1.0 Cross Site Scripting (XSS)	N/A	6.5	15/12/2024
Norse Rune Oracle Plugin<= 1.4.3 Cross Site Scripting (XSS)	N/A	6.5	17/12/2024
Turisbook Booking System<= 1.3.8 Cross Site Scripting (XSS)	4.88	6.5	25/10/2024
Sprout Clients<= 3.2 Cross Site Scripting (XSS)	4.88	6.5	12/10/2024
Content Manager Light<= 3.2 Cross Site Scripting (XSS)	4.88	6.5	04/10/2024
PhotoShelter for Photographers Blog Feed Plugin<= 1.5.7 Cross Site Scripting (XSS)	N/A	6.5	01/12/2024
Hypotext<= 1.0.1 Cross Site Scripting (XSS)	N/A	6.5	16/12/2024
Boo Recipes<= 2.4.1 Cross Site Scripting (XSS)	N/A	6.5	15/12/2024
WP Chrono<= 1.5.4 Cross Site Scripting (XSS)	N/A	6.5	13/12/2024
Lightweight and Responsive Youtube Embed<= 1.0.0 Cross Site Scripting (XSS)	N/A	6.5	11/12/2024
Easy Magazine<= 2.1.13 Cross Site Scripting (XSS)	N/A	6.5	15/12/2024
Client Showcase<= 1.2.0 Cross Site Scripting (XSS)	4.88	6.5	13/10/2024
Auto scroll for reading<= 1.1.4 Cross Site Scripting (XSS)	14.2	7.1	02/01/2025
Infusionsoft Web Form JavaScript<= 1.1.1 Cross Site Scripting (XSS)	N/A	6.5	16/12/2024
Useinfluence<= 1.0.8 Cross Site Request Forgery (CSRF)	3.55	7.1	16/12/2024
Processing Projects<= 1.0.2 Cross Site Scripting (XSS)	N/A	6.5	16/12/2024
Rich Text Editor<= 1.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	16/12/2024
byBrick Accordion<= 1.0 Cross Site Scripting (XSS)	N/A	6.5	16/12/2024
CoverManager<= 0.0.1 Cross Site Scripting (XSS)	N/A	6.5	16/12/2024
PostmarkApp Email Integrator<= 2.4 Cross Site Request Forgery (CSRF)	3.55	7.1	17/12/2024
Varnish WordPress<= 1.7 Cross Site Request Forgery (CSRF)	3.55	7.1	17/12/2024
Simple Contact Forms<= 1.6.4 Cross Site Request Forgery (CSRF)	3.55	7.1	17/12/2024
Terms Before Download<= 1.0.5 Cross Site Scripting (XSS)	N/A	6.5	17/12/2024
AB Google Map Travel <= 4.6 Cross Site Request Forgery (CSRF)	3.55	7.1	19/12/2024
CookieHint WP<= 1.0.0 Cross Site Scripting (XSS)	N/A	6.5	21/12/2024
Simple-Audioplayer<= 1.1 Cross Site Scripting (XSS)	N/A	6.5	21/12/2024
Ultimate Live Cricket WordPress Lite<= 1.4.2 Cross Site Scripting (XSS)	N/A	6.5	29/12/2024
Custom Content Scrollbar<= 1.3 Cross Site Scripting (XSS)	N/A	6.5	29/12/2024
Secret Meta<= 1.2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	22/10/2024
Cazamba<= 1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	22/10/2024
CM Map Locations<= 2.0.8 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM On Demand Search And Replace<= 1.4.5 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
WP Social Stream<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	22/10/2024
Vignette Ads<= 0.2 Cross Site Request Forgery (CSRF)	3.55	7.1	21/10/2024
WP Admin Custom Page<= 1.5.0 Cross Site Request Forgery (CSRF)	3.55	7.1	22/10/2024
Breaking News Ticker<= 2.4.4 Cross Site Scripting (XSS)	4.88	6.5	02/01/2025
Show notice or message on admin area<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	21/10/2024
CM Ad Changer<= 1.9.8 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Answers<= 3.2.4 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Business Directory<= 1.3.9 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Curated List Manager<= 1.1.7 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Custom WordPress Reports and Analytics<= 1.2.0 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Download Manager<= 2.9.2 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Email Registration Blacklist and Whitelist<= 1.5.2 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM WordPress FAQ Plugin<= 1.2.0 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Header and Footer<= 1.2.0 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Pop-Up banners<= 1.7.3 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Product Recommendation Widget<= 1.1.5 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Registration and Invitation Codes<= 2.4.6 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Table Of Contents – WordPress TOC Plugin<= 1.2.1 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
CM Tooltip Glossary<= 4.3.11 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
Video Lessons Manager<= 1.8.0 Cross Site Scripting (XSS)	14.2	7.1	07/10/2024
UniTimetable<= 1.1 Cross Site Scripting (XSS)	13	6.5	22/10/2024
seekXL Snapr<= 2.0.6 Cross Site Scripting (XSS)	14.2	7.1	22/10/2024
Album Reviewer<= 2.0.2 Cross Site Scripting (XSS)	14.2	7.1	22/10/2024
Issuu Panel<= 2.1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	21/10/2024
Post Carousel Slider<= 2.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	17/10/2024
FlashCounter<= 1.1.8 Cross Site Request Forgery (CSRF)	3.55	7.1	21/10/2024
Full Circle<= 0.5.7.8 Cross Site Request Forgery (CSRF)	3.55	7.1	21/10/2024
Fare Calculator<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	29/10/2024
Internal Link Builder<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	05/10/2024
Scroll Styler<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	13/09/2024
Roi Calculator<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	09/10/2024
Show/Hide Shortcode<= 1.0.0 Cross Site Scripting (XSS)	N/A	6.5	29/12/2024
Create with Code<= 1.4 Cross Site Scripting (XSS)	N/A	6.5	07/12/2024
MachForm Shortcode<= 1.4.1 Cross Site Request Forgery (CSRF)	3.55	7.1	07/12/2024
ReviewsTap<= 1.1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	29/10/2024
KBucket<= 4.1.6 Cross Site Request Forgery (CSRF)	3.55	7.1	26/10/2024
Caching Compatible Cookie Opt-In and JavaScript<= 0.0.10 Cross Site Scripting (XSS)	4.88	6.5	21/10/2024

Report vulnerabilities to earn bounties and rewards!

Include pending