About Alliance Leaderboard Vulnerability database WordPress security
Login

Jonas Höbenreich

0
0
0
0
Jonas Höbenreich
Alliance XP
125.5
Total reports
25
Reports, last 90 days
6
Contributions 25
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

Plugin

Ni WooCommerce Sales Report <= 3.7.3 Broken Access Control vulnerability

+0 AXP

6.5

25 October, 2023

Plugin

FLOWFACT WP Connector <= 2.1.8 Reflected Cross Site Scripting (XSS) vulnerability

+0 AXP

7.1

25 October, 2023

Plugin

Taggbox <= 3.1 Broken Access Control vulnerability

+5.4 AXP

5.4

19 October, 2023

Plugin

Ashe Extra <= 1.2.6 Broken Access Control vulnerability

+5.4 AXP

5.4

16 October, 2023

Plugin

Taggbox <= 3.1 Cross Site Request Forgery (CSRF) vulnerability

+2.7 AXP

5.4

12 October, 2023

Plugin

WP Ultimate Exporter <= 2.4.1 Sensitive Data Exposure vulnerability

+11.8 AXP

5.9

3 October, 2023

Plugin

Surfer <= 1.3.2.357 Broken Access Control vulnerability

+7.6 AXP

7.6

1 September, 2023

Plugin

Password Reset with Code for WordPress REST API <= 0.0.15 Privilege Escalation Due To Weak Pin Generation Vulnerability

+19.6 AXP

9.8

14 August, 2023

Plugin

Kangu para WooCommerce <= 2.2.9 Reflected Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

11 August, 2023

Plugin

Easy!Appointments <= 1.3.1 Arbitrary File Deletion vulnerability

+0 AXP

6.3

10 August, 2023

Plugin

LWS Affiliation <= 2.2.6 Local File Inclusion vulnerability

+36 AXP

9.0

24 July, 2023

Plugin

Greeklish-permalink <= 3.3 permalink plugin <= 3.3 Unauth. Post Slug Update vulnerability

6.5

21 June, 2023

Plugin

CRM and Lead Management by vcita <= 2.6.2 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

6.4

5 June, 2023

Plugin

Online Booking & Scheduling Calendar for WordPress by vcita < 4.3.2 Unauth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

7.1

5 June, 2023

Plugin

Online Booking & Scheduling Calendar for WordPress by vcita <= 4.2.10 Missing Authorization to Account Logout vulnerability

+0 AXP

5.4

5 June, 2023

Plugin

Contact Form Builder by vcita <= 4.10.2 CrossSite Request Forgery to Stored CrossSite Scripting vulnerability

+0 AXP

6.1

5 June, 2023

Plugin

Contact Form and Calls To Action by vcita <= 2.7.1 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

6.4

5 June, 2023

Plugin

Online Booking & Scheduling Calendar for WordPress by vcita <= 4.3.5 Missing Authorization on RESTAPI vulnerability

+0 AXP

5.3

5 June, 2023

Plugin

Online Booking & Scheduling Calendar for WordPress by vcita <= 4.3.5 Missing Authorization to Arbitrary File Upload vulnerability

+0 AXP

9.9

5 June, 2023

Plugin

Contact Form and Calls To Action by vcita <= 2.7.1 CrossSite Request Forgery to Stored CrossSite Scripting vulnerability

+0 AXP

6.1

5 June, 2023

Plugin

Contact Form Builder by vcita <= 4.10.2 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

6.5

5 June, 2023

Plugin

CRM and Lead Management by vcita <= 2.7.1 CrossSite Request Forgery to Stored CrossSite Scripting vulnerability

+0 AXP

6.1

5 June, 2023

Plugin

reCAPTCHA for all <= 1.22 Broken Access Control vulnerability

+4.3 AXP

4.3

15 May, 2023

Plugin

SALERT <= 1.2.1 Broken Access Control vulnerability

+4.3 AXP

4.3

9 May, 2023

Plugin

SALERT <= 1.2.1 Cross Site Scripting (XSS) vulnerability

+14.2 AXP

7.1

9 May, 2023

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close