RE-ALTER

Say thanks

716.23

XP

57

Reports

0

Reports, last 90 days

#16

19 Dec, 2025

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Cooked Pro< 1.8.0 Arbitrary File Upload	N/A	10	Jun 27, 2024
Cooked Pro< 1.8.0 Cross Site Request Forgery (CSRF)	N/A	4.3	Jun 27, 2024
Cooked Pro< 1.8.0 Cross Site Scripting (XSS)	N/A	6.5	Jun 27, 2024
Filter & Grids<= 2.9.2 Cross Site Scripting (XSS)	4.88	6.5	Jun 24, 2024
Filter & Grids<= 2.8.33 Broken Authentication	14.6	7.3	Jun 24, 2024
Cooked<= 1.7.15.4 Content Injection	N/A	4.3	No date
Cooked<= 1.7.15.4 Cross Site Request Forgery (CSRF)	N/A	5.4	No date
Blocksy<= 2.0.22 Cross Site Request Forgery (CSRF)	10.8	5.4	Aug 31, 2023
PeproDev CF7 Database<= 1.8.0 Cross Site Request Forgery (CSRF)	N/A	4.3	Jul 31, 2023
Blocksy Companion<= 2.0.28 Cross Site Request Forgery (CSRF)	10.8	5.4	Sep 1, 2023
Favicon<= 1.3.29 Cross Site Request Forgery (CSRF)	10.75	4.3	Jul 31, 2023
Jobeleon Theme<= 1.9.1 Cross Site Scripting (XSS)	7.1	7.1	Dec 14, 2022
Database for Contact Form 7<= 3.0.6 Cross Site Scripting (XSS)	14.2	7.1	Jul 31, 2023
Extensions For CF7<= 3.0.6 Cross Site Scripting (XSS)	14.2	7.1	Jul 31, 2023
New User Approve<= 2.5.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Aug 31, 2023
Partdo Core<= 1.0.9 Cross Site Scripting (XSS)	14.2	7.1	Aug 21, 2023
Bacola Core<= 1.3.3 Cross Site Scripting (XSS)	14.2	7.1	Aug 21, 2023
Medibazar Core<= 1.2.3 Cross Site Scripting (XSS)	N/A	7.1	Aug 24, 2023
Furnob Core<= 1.1.7 Cross Site Scripting (XSS)	N/A	7.1	Aug 24, 2023
Cosmetsy Core<= 1.3.0 Cross Site Scripting (XSS)	N/A	7.1	Aug 24, 2023
Clotya Core<= 1.1.5 Cross Site Scripting (XSS)	14.2	7.1	Aug 24, 2023
Clotya<= 1.1.6 Cross Site Request Forgery (CSRF)	2.15	4.3	Aug 25, 2023
Cosmetsy<= 1.7.7 Cross Site Request Forgery (CSRF)	N/A	4.3	Aug 25, 2023
Furnob<= 1.2.2 Cross Site Request Forgery (CSRF)	N/A	4.3	Aug 25, 2023
Bacola<= 1.3.3 Cross Site Request Forgery (CSRF)	2.15	4.3	Aug 25, 2023
Partdo<= 1.1.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Aug 25, 2023
Medibazar<= 1.8.6 Cross Site Request Forgery (CSRF)	N/A	4.3	Aug 25, 2023
Machic<= 1.2.8 Cross Site Request Forgery (CSRF)	2.15	4.3	Aug 25, 2023
Ultimate Addons for Contact Form 7<= 3.2.0 Cross Site Scripting (XSS)	14.2	7.1	Jul 31, 2023
Adifier System< 3.1.4 Local File Inclusion	30	7.5	Aug 21, 2023
Adifier System< 3.1.4 SQL Injection	27.9	9.3	Aug 21, 2023
Couponis Demo< 2.2 SQL Injection	27.9	9.3	Aug 21, 2023
Adifier System< 3.1.4 Cross Site Scripting (XSS)	14.2	7.1	Aug 21, 2023
Machic Core<= 1.2.6 Cross Site Scripting (XSS)	14.2	7.1	Aug 24, 2023
Database for CF7<= 1.2.4 Broken Access Control	6.5	6.5	Jul 31, 2023
Chat Bubble<= 2.4 Cross Site Request Forgery (CSRF)	2.15	4.3	Aug 16, 2023
NextGEN Gallery<= 3.37 Cross Site Request Forgery (CSRF)	12.9	4.3	Aug 16, 2023
wpDiscuz<= 7.6.11 Cross Site Request Forgery (CSRF)	6.45	4.3	Jul 27, 2023
wpDiscuz<= 7.6.11 Cross Site Scripting (XSS)	42.6	7.1	Jul 27, 2023
wpDiscuz<= 7.6.3 Broken Access Control	12.9	4.3	Aug 31, 2023
Form Maker by 10Web<= 1.15.18 Cross Site Scripting (XSS)	42.6	7.1	Aug 7, 2023
Form Maker by 10Web<= 1.15.18 Cross Site Scripting (XSS)	42.6	7.1	Aug 7, 2023
FooGallery<= 2.2.44 Cross Site Scripting (XSS)	56.8	7.1	Aug 14, 2023
FooGallery<= 2.2.44 Cross Site Request Forgery (CSRF)	10.8	5.4	Aug 14, 2023
PeproDev CF7 Database<= 1.7.0 Cross Site Scripting (XSS)	N/A	7.1	Jul 31, 2023
Social Media & Share Icons<= 2.8.3 Cross Site Scripting (XSS)	71	7.1	Jul 28, 2023
Oxygen Builder< 4.4 Cross Site Request Forgery (CSRF)	21.6	5.4	Dec 11, 2022
WPJobBoard<= 5.9.0 SQL Injection	8.6	8.6	Dec 14, 2022
Balkon<= 1.3.2 Cross Site Scripting (XSS)	N/A	7.1	Jan 31, 2023
WoodMart<= 7.1.1 Cross Site Request Forgery (CSRF)	8.1	5.4	Feb 14, 2023
TheRoof<= 1.0.3 Cross Site Scripting (XSS)	N/A	7.1	Jan 31, 2023
Outdoor<= 3.9.6 Cross Site Scripting (XSS)	N/A	7.1	Jan 31, 2023
Slide Anything<= 2.4.9 Cross Site Scripting (XSS)	N/A	5.9	No date
Real Estate 7<= 3.3.4 Broken Access Control	N/A	5.8	No date
Real Estate 7<= 3.3.4 Cross Site Request Forgery (CSRF)	N/A	4.3	No date
Real Estate 7<= 3.3.4 Cross Site Scripting (XSS)	N/A	7.1	No date
Real Estate 7<= 3.3.1 Cross Site Scripting (XSS)	7.1	7.1	Dec 14, 2022
WoodMart<= 7.0.4 Content Injection	31.8	5.3	Feb 13, 2023
Monolit Theme<= 2.0.6 Cross Site Scripting (XSS)	7.1	7.1	Jan 31, 2023
JS Help Desk<= 2.7.1 Broken Access Control	5.4	5.4	Dec 11, 2022
JS Help Desk<= 2.7.1 Arbitrary File Upload	10	10	Dec 11, 2022
JS Help Desk<= 2.7.1 Settings Change	9.1	9.1	Dec 11, 2022
JS Help Desk<= 2.7.1 Cross Site Request Forgery (CSRF)	5.4	5.4	Dec 11, 2022
JS Help Desk<= 2.7.1 SQL Injection	8.6	8.6	Dec 14, 2022
Smart Slider 3<= 3.5.1.9 Cross Site Scripting (XSS)	N/A	5.4	No date
Creative Mail<= 1.5.4 Cross Site Request Forgery (CSRF)	N/A	5.4	No date
SEO Redirection<= 8.9 Cross Site Request Forgery (CSRF)	N/A	5.4	No date
Image Hover Effects Ultimate<= 9.7.1 Broken Access Control	N/A	7.2	No date
Quiz And Survey Master<= 7.3.6 Insecure Direct Object References (IDOR)	N/A	2.7	No date
Quiz And Survey Master<= 7.3.4 Cross Site Scripting (XSS)	N/A	5.4	No date
Quiz And Survey Master<= 7.3.4 SQL Injection	N/A	9.1	No date
Accordions<= 2.0.3 Broken Access Control	N/A	7.2	No date
Analytics Cat<= 1.0.9 Cross Site Scripting (XSS)	N/A	4.8	No date
Accordions<= 2.0.3 Cross Site Scripting (XSS)	N/A	3.4	No date
Tabs<= 3.7.1 Cross Site Scripting (XSS)	N/A	3.4	No date
Awesome Support<= 6.0.7 Cross Site Scripting (XSS)	N/A	5.4	No date
WHA Crossword<= 1.1.10 Cross Site Scripting (XSS)	N/A	5.4	No date
Word Search Puzzles game<= 2.0.1 Cross Site Scripting (XSS)	N/A	5.4	No date
Event Calendar – Calendar<= 1.4.6 Cross Site Scripting (XSS)	N/A	4.1	No date
SP Project & Document Manager <= 4.59 Cross Site Scripting (XSS)	N/A	6.1	No date
WPIDE – File Manager & Code Editor<= 2.6 Arbitrary File Upload	N/A	6.5	No date
Download Manager<= 3.2.48 Cross Site Request Forgery (CSRF)	N/A	5.4	No date
Download Manager<= 3.2.48 Cross Site Scripting (XSS)	N/A	5.4	No date
Affiliate For WooCommerce<= 4.7.0 Insecure Direct Object References (IDOR)	N/A	6.4	No date
Tabs<= 3.6.0 Broken Access Control	N/A	7.2	No date
Flipbox<= 2.6.0 Broken Access Control	N/A	7.2	No date
Shortcode Addons<= 3.1.2 Broken Access Control	N/A	7.2	No date
Team<= 1.2.6 Cross Site Scripting (XSS)	N/A	4.1	No date
Accordions<= 2.0.2 Broken Access Control	N/A	9.8	No date
Shortcode Addons<= 3.0.2 Settings Change	N/A	9.8	No date
WP Maintenance<= 6.0.7 Cross Site Scripting (XSS)	N/A	3.4	No date
Popup Builder<= 4.1.0 Cross Site Request Forgery (CSRF)	N/A	5.4	No date
Social Share Buttons by Supsystic<= 2.2.3 Broken Access Control	N/A	6.3	No date
Social Share Buttons by Supsystic<= 2.2.3 SQL Injection	N/A	8.5	No date
Image Slider by NextCode<= 1.1.2 Cross Site Request Forgery (CSRF)	N/A	5.4	No date
Image Slider by NextCode<= 1.1.2 Cross Site Scripting (XSS)	N/A	4.8	No date
Private Messages For WordPress<= 2.1.10 Cross Site Request Forgery (CSRF)	N/A	4.3	No date
Code Snippets<= 2.14.3 Cross Site Scripting (XSS)	N/A	4.7	No date
Code Snippets Extended<= 1.4.7 Cross Site Request Forgery (CSRF)	N/A	5.4	No date
Code Snippets Extended<= 1.4.7 Cross Site Request Forgery (CSRF)	N/A	4.7	No date

Report vulnerabilities to earn bounties and rewards!

Include pending