Muhamad Agil Fachrian

662.94

XP

52

Reports

0

Reports, last 90 days

#9

15 Dec, 2025

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Child Themes Helper<= 2.2.7 Cross Site Request Forgery (CSRF)	4.58	6.1	Oct 26, 2024
LearnPress<= 4.2.7.1 Open Redirection	14.1	4.7	Sep 17, 2024
KB Support<= 1.6.7 Open Redirection	9.4	4.7	Sep 19, 2024
Event Countdown Timer Plugin by TechMix<= 1.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 30, 2024
Book a Place<= 0.7.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 30, 2024
Blogger Image Import2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 30, 2024
Shipdeo<= 1.2.8 Cross Site Scripting (XSS)	14.2	7.1	Oct 14, 2024
Stars SMTP Mailer<= 1.7 Cross Site Scripting (XSS)	14.2	7.1	Oct 16, 2024
User Management<= 1.2 Privilege Escalation	26.4	8.8	Oct 27, 2024
Background Control<= 1.0.5 Cross Site Request Forgery (CSRF)	6.45	8.6	Oct 30, 2024
Hide Login+<= 3.5.1 Cross Site Scripting (XSS)	14.2	7.1	Oct 14, 2024
Course Migration for LearnDash1.0.2 Server Side Request Forgery (SSRF)	6.4	6.4	Oct 25, 2024
JobBoard Job listing<= 1.2.6 Arbitrary File Upload	60	10	Oct 9, 2024
ACF City Selector<= 1.14.0 Arbitrary File Upload	N/A	6.6	Oct 7, 2024
gap-hub-user-role<= 3.4.1 Cross Site Request Forgery (CSRF)	13.2	8.8	Oct 23, 2024
FAQs<= 1.0.2 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
FV Descriptions<= 1.4 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
Preloader by WordPress Monsters<= 1.2.3 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
Wovax IDX<= 1.2.2 Broken Authentication	26.4	8.8	Oct 20, 2024
Bootstrap Buttons<= 1.2 Cross Site Scripting (XSS)	14.2	7.1	Oct 30, 2024
Evernote Sync<= 3.0.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
WordPress Filter<= 1.4.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 31, 2024
TagGator<= 1.54 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
addWeather<= 2.5.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 31, 2024
Multiple Admin Emails<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 31, 2024
Posts Date Ranges<= 2.2 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
Push Monkey Pro – Web Push Notifications and WooCommerce Abandoned Cart<= 3.9 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 31, 2024
Projectopia<= 5.1.7 Broken Authentication	26.4	8.8	Oct 29, 2024
Hurrakify<= 2.4 Server Side Request Forgery (SSRF)	14.4	7.2	Oct 30, 2024
VPSUForm<= 3.0.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 16, 2024
Login Widget With Shortcode<= 6.1.2 Open Redirection	9.4	4.7	Sep 15, 2024
Paloma Widget<= 1.14 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 31, 2024
WP GeoNames<= 1.8 Cross Site Scripting (XSS)	14.2	7.1	Oct 16, 2024
Build App Online<= 1.0.23 Cross Site Request Forgery (CSRF)	N/A	5.4	Oct 24, 2024
Wc Recently viewed products<= 1.0.1 Cross Site Scripting (XSS)	14.2	7.1	Oct 16, 2024
DeBounce Email Validator<= 5.6.5 Cross Site Scripting (XSS)	14.2	7.1	Oct 18, 2024
SKT Donation<= 1.9 Cross Site Scripting (XSS)	14.2	7.1	Oct 16, 2024
Radio Buttons and Swatches for WooCommerce<= 1.1.20 Cross Site Scripting (XSS)	14.2	7.1	Oct 16, 2024
ThriveDesk<= 2.0.6 Cross Site Scripting (XSS)	14.2	7.1	Oct 12, 2024
WeChat Subscribers Lite <= 1.6.6 Cross Site Scripting (XSS)	14.2	7.1	Oct 21, 2024
Bulk Change Role<= 1.1 Privilege Escalation	26.4	8.8	Oct 20, 2024
Sunshine Photo Cart<= 3.2.9 Open Redirection	10.81	4.7	Sep 8, 2024
Multi Step Form<= 1.7.21 Broken Access Control	8.6	4.3	Sep 30, 2024
Simple Membership<= 4.5.3 Open Redirection	28.2	4.7	Sep 15, 2024
LaTeX2HTML<= 2.5.4 Cross Site Scripting (XSS)	14.2	7.1	Oct 14, 2024
Duplicate Title Validate<= 1.0 SQL Injection	17	8.5	Oct 11, 2024
EventPrime<= 4.0.4.5 Open Redirection	9.4	4.7	Sep 13, 2024
Payflex Payment Gateway<= 2.6.1 Open Redirection	N/A	4.7	Sep 12, 2024
WPCOM Member<= 1.5.4 Cross Site Scripting (XSS)	14.2	7.1	Sep 13, 2024
Simple Membership After Login Redirection<= 1.6 Open Redirection	9.4	4.7	Sep 24, 2024
ElementsReady Addons for Elementor6.4.2 Open Redirection	9.4	4.7	Sep 24, 2024
CP Polls<= 1.0.74 Cross Site Scripting (XSS)	14.2	7.1	Sep 8, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending