Alliance bounty program
About Alliance Leaderboard Vulnerability database WordPress security
Login

jsgm

0
0
0
0
Twitter Github Website
28 November, 2022
jsgm
Alliance XP
5.4
Contributions
13
Contributions 13
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

Plugin

Yet Another Stars Rating <= 3.1.2 XSS & Arbitrary Shortcode Execution Vulnerability

+5.4 AXP

5.4

3 March, 2023

Plugin

Ezoic <= 2.8.8 Unauthenticated Plugin Settings Change Leading To Stored XSS Vulnerability

6.1

17 November, 2022

Plugin

Ezoic <= 2.8.8 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

17 November, 2022

Plugin

Plausible Analytics <= 1.2.2 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

7 April, 2022

Plugin

Patreon WordPress <= 1.8.1 Stored CrossSite Scripting (XSS) vulnerability

4.8

21 February, 2022

Plugin

SEUR Oficial <= 1.7.1 Arbitrary File Download vulnerability

4.9

10 January, 2022

Plugin

SEUR Oficial <= 1.6.0 Stored CrossSite Scripting (XSS) vulnerability

4.8

20 December, 2021

Theme

Crisp <= 0.31 CrossSite Request Forgery (CSRF) vulnerability leading to Stored CrossSite Scripting (XSS)

8.8

16 December, 2021

Plugin

Fathom Analytics <= 3.0.4 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

8 December, 2021

Plugin

CAOS | Host Google Analytics Locally <= 4.1.8 Arbitrary Folder Deletion via Path Traversal vulnerability

6.5

1 December, 2021

Plugin

OMGF | Host Google Fonts Locally <= 4.5.11 Arbitrary Folder Deletion via Path Traversal vulnerability

6.5

1 December, 2021

Plugin

CorreosExpress <= 2.6.0 Sensitive Information Disclosure vulnerability

5.3

29 November, 2021

Plugin

HTML5 Responsive FAQ <= 2.8.5 Stored CrossSite Scripting (XSS) vulnerability

4.8

23 November, 2021

Back to top

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

DPA Privacy Policy Terms & Conditions © 2023 Patchstack

Solutions

WordPress security Vulnerability database Vulnerability API Bug bounty program Plugin auditing Active security programs NEW

WordPress security

Pricing & features For care plans For hosts For plugins NEW Documentation

Patchstack

About us Careers Media Kit Articles & insight Whitepaper 2022 NEW

Social

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close