João Pedro S Alcântara (Kinorth)

Say thanks

14988.42

XP

934

Reports

67

Reports, last 90 days

#2

16 Dec, 2025

Lvl 10

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
MinimogWP<= 3.9.6 Local File Inclusion	11.25	7.5	No date
Turitor< 1.5.3 Local File Inclusion	11.25	7.5	No date
Digiqole< 2.2.7 Local File Inclusion	11.25	7.5	No date
Exhibz<= 3.0.9 Local File Inclusion	11.25	7.5	No date
Jobmonster Elementor Addon<= 1.1.4 Local File Inclusion	11.25	7.5	No date
Jobmonster<= 4.8.2 Local File Inclusion	12.94	7.5	No date
Homey Core<= 2.4.3 Broken Access Control	10.6	5.3	No date
AdForest<= 6.0.11 Broken Access Control	10.6	5.3	No date
Basel<= 5.9.1 Broken Access Control	10.6	5.3	No date
Select Core< 2.6 Cross Site Scripting (XSS)	4.88	6.5	No date
Select Core< 2.6 Local File Inclusion	11.25	7.5	No date
Photography<= 7.7.2 Cross Site Scripting (XSS)	32.66	7.1	Oct 12, 2025
Hub Core<= 5.0.8 Local File Inclusion	11.25	7.5	No date
Traveler< 3.2.6 SQL Injection	19.55	8.5	Oct 8, 2025
Traveler<= 3.2.6 Broken Access Control	12.19	5.3	No date
Traveler< 3.2.6 Cross Site Scripting (XSS)	16.33	7.1	Oct 8, 2025
Traveler< 3.2.6 Local File Inclusion	37.26	8.1	Oct 7, 2025
Rey Core<= 3.1.8 Cross Site Scripting (XSS)	4.88	6.5	No date
Ohio Extra<= 3.6.0 Cross Site Scripting (XSS)	8.41	6.5	No date
North - Required Plugin<= 1.4.2 Local File Inclusion	11.25	7.5	No date
SmartMag<= 10.3.0 Local File Inclusion	11.25	7.5	No date
SmartMag<= 10.3.1 Cross Site Scripting (XSS)	9.75	6.5	No date
Masterstudy< 4.8.126 Local File Inclusion	11.25	7.5	No date
K Elements< 5.5.0 Cross Site Scripting (XSS)	8.41	6.5	No date
Kleo< 5.5.0 Local File Inclusion	19.41	7.5	No date
Jannah - Extensions<= 1.1.4 Cross Site Scripting (XSS)	4.88	6.5	No date
Jannah<= 7.6.0 Cross Site Scripting (XSS)	14.2	7.1	Sep 29, 2025
Jannah<= 7.6.0 PHP Object Injection	39.2	9.8	Sep 29, 2025
Ninja Popups<= 4.7.8 Cross Site Scripting (XSS)	9.75	6.5	No date
EventON<= 4.9.12 Cross Site Scripting (XSS)	16.82	6.5	No date
Jannah<= 7.6.0 Local File Inclusion	32.4	8.1	Sep 29, 2025
Soledad<= 8.7.0 Local File Inclusion	33.75	7.5	No date
Mailster< 4.1.14 Cross Site Scripting (XSS)	48.99	7.1	Sep 27, 2025
Master Slider Pro<= 3.7.12 Cross Site Scripting (XSS)	9.75	6.5	No date
Ronneby Theme Core<= 1.5.68 Cross Site Scripting (XSS)	9.75	6.5	No date
Ronneby Theme Core<= 1.5.68 Local File Inclusion	22.5	7.5	No date
WPLMS<= 1.9.9.5.4 Cross Site Scripting (XSS)	9.75	6.5	No date
Consulting Elementor Widgets<= 1.4.2 Cross Site Scripting (XSS)	9.75	6.5	No date
Consulting Elementor Widgets<= 1.4.2 Local File Inclusion	22.5	7.5	No date
Consulting< 6.7.5 Local File Inclusion	22.5	7.5	No date
Sahifa< 5.8.6 Cross Site Scripting (XSS)	9.75	6.5	No date
wpresidence<= 5.3.2 Broken Access Control	48.76	5.3	No date
Easy Social Share Buttons< 10.7.1 Cross Site Scripting (XSS)	28.4	7.1	Sep 26, 2025
FileBird Pro<= 6.4.9 Broken Access Control	10.8	5.4	No date
Enfold<= 7.1.2 Cross Site Scripting (XSS)	56.06	6.5	No date
ListingPro Lead Form<= 1.0.2 Broken Access Control	21.2	5.3	No date
ListingPro Lead Form<= 1.0.2 Cross Site Scripting (XSS)	9.75	6.5	No date
ListingPro<= 2.9.9 Broken Access Control	21.2	5.3	No date
ListingPro<= 2.9.9 Cross Site Scripting (XSS)	11.21	6.5	No date
Stockholm Core<= 2.4.6 Local File Inclusion	22.5	7.5	No date
Stockholm Core<= 2.4.6 Cross Site Scripting (XSS)	9.75	6.5	No date
Stockholm<= 9.14.1 Local File Inclusion	22.5	7.5	No date
Stockholm<= 9.14.1 Cross Site Scripting (XSS)	9.75	6.5	No date
REHub Framework<= 19.9.8 Cross Site Scripting (XSS)	9.75	6.5	No date
Rehub< 19.9.9.1 Cross Site Scripting (XSS)	9.75	6.5	No date
Eduma<= 5.7.6 Local File Inclusion	22.5	7.5	No date
Eduma<= 5.7.6 Cross Site Scripting (XSS)	9.75	6.5	No date
XStore Core< 5.6 Cross Site Scripting (XSS)	97.98	7.1	Sep 17, 2025
Kallyas<= 4.22.0 Cross Site Scripting (XSS)	14.63	6.5	No date
Houzez Theme - Functionality< 4.2.0 Cross Site Scripting (XSS)	48.99	7.1	Sep 16, 2025
Houzez Theme - Functionality< 4.2.0 Cross Site Scripting (XSS)	16.82	6.5	No date
Houzez Theme - Functionality<= 4.1.8 Local File Inclusion	38.81	7.5	No date
UDesign Core<= 4.14.1 Cross Site Scripting (XSS)	14.63	6.5	No date
TheGem Theme Elements (for WPBakery)<= 5.10.5.1 Cross Site Scripting (XSS)	14.63	6.5	No date
tagDiv Cloud Library< 3.9.2 Cross Site Scripting (XSS)	4.88	6.5	No date
tagDiv Composer<= 5.4.1 Cross Site Scripting (XSS)	9.75	6.5	No date
Salient< 17.4.0 Broken Access Control	19.78	4.3	No date
Houzez< 4.2.0 Local File Inclusion	111.78	8.1	Sep 16, 2025
UDesign Core<= 4.14.0 Local File Inclusion	33.75	7.5	No date
WoodMart< 8.3.2 Local File Inclusion	77.63	7.5	No date
Penci Bookmark & Follow< 2.4 Cross Site Scripting (XSS)	14.2	7.1	Sep 14, 2025
TheGem Demo Import (for WPBakery)<= 5.10.5 Arbitrary Content Deletion	19.5	6.5	Sep 13, 2025
TheGem Theme Elements (for WPBakery)<= 5.10.5.1 Local File Inclusion	97.2	8.1	Sep 13, 2025
TheGem (Elementor)<= 5.10.5.1 Cross Site Scripting (XSS)	42.6	7.1	Sep 12, 2025
Porto Theme - Functionality<= 3.6.2 Broken Access Control	12.9	4.3	No date
Porto Theme - Functionality<= 3.6.2 Cross Site Scripting (XSS)	14.63	6.5	No date
WoodMart< 8.3.2 Cross Site Scripting (XSS)	33.64	6.5	No date
tagDiv Composer<= 5.4.1 Cross Site Scripting (XSS)	28.4	7.1	Sep 9, 2025
Salient Portfolio<= 1.8.2 Cross Site Scripting (XSS)	19.5	6.5	No date
Salient Shortcodes<= 1.5.4 Cross Site Scripting (XSS)	19.5	6.5	No date
Salient Core<= 3.0.8 Broken Access Control	19.78	4.3	No date
Cornerstone<= 7.7.3 Cross Site Scripting (XSS)	24.38	6.5	No date
Betheme<= 28.1.7 Cross Site Scripting (XSS)	24.38	6.5	No date
The7 Elements<= 2.7.11 Local File Inclusion	56.25	7.5	No date
The7<= 12.8.0.2 Cross Site Scripting (XSS)	28.03	6.5	No date
The7<= 12.8.0.2 Local File Inclusion	64.69	7.5	No date
Fusion Builder<= 3.13.2 Cross Site Scripting (XSS)	34.13	6.5	No date
Avada<= 7.13.1 Broken Access Control	37.1	5.3	No date
NEX-Forms LITE< 8.2 Cross Site Scripting (XSS)	10.65	7.1	Sep 1, 2025
CF7 Auto Responder Addon<= 2.4 Cross Site Scripting (XSS)	7.1	7.1	Aug 31, 2025
LBG Zoominoutslider<= 5.4.5 SQL Injection	12.75	8.5	No date
Image&Video FullScreen Background<= 1.6.7 SQL Injection	9.56	8.5	No date
WP Subscription Forms PRO<= 2.0.5 Arbitrary Content Deletion	N/A	4.3	Jun 7, 2025
WP Virtual Assistant<= 3.0 Broken Access Control	7.95	5.3	Aug 22, 2025
Subscribe To Unlock<= 1.1.5 Local File Inclusion	8.44	7.5	Jun 6, 2025
Subscribe To Unlock<= 1.1.5 Broken Access Control	3.23	4.3	Jun 6, 2025
Subscribe to Download<= 2.0.9 Local File Inclusion	8.44	7.5	Jun 5, 2025
Subscribe to Download<= 2.0.9 Broken Access Control	3.23	4.3	Jun 5, 2025
AllInOne - Banner Rotator<= 3.8 SQL Injection	12.75	8.5	Aug 24, 2025
LambertGroup - AllInOne - Content Slider<= 3.8 SQL Injection	12.75	8.5	Aug 26, 2025

Report vulnerabilities to earn bounties and rewards!

Include pending