Nguyen Anh Tien

Say thanks

581.3

XP

19

Reports

0

Reports, last 90 days

#4

17 Nov, 2025

Lvl 2

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Auto Amazon Links<= 5.1.1 Cross Site Scripting (XSS)	N/A	6.5	No date
Easy Digital Downloads<= 3.1.5 Broken Access Control	31.8	5.3	Aug 14, 2023
HUSKY<= 1.3.4.2 SQL Injection	111.6	9.3	Aug 15, 2023
Easy Social Icons<= 3.2.5 Broken Access Control	8.6	4.3	May 28, 2023
BetterLinks<= 1.6.0 Broken Access Control	14.6	7.3	Feb 28, 2023
IMPress Listings<= 2.6.2 Broken Access Control	13	6.5	Mar 28, 2023
Redirection for Contact Form 7<= 2.9.2 Broken Access Control	75	7.5	Jul 31, 2023
WPvivid Backup and Migration<= 0.9.90 Privilege Escalation	66	8.8	Aug 30, 2023
Carousel Slider<= 2.2.2 Broken Access Control	21.2	5.3	Jul 31, 2023
Simple Giveaways<= 2.48.0 Broken Access Control	5.3	5.3	Jan 19, 2023
Download Monitor<= 4.8.3 Arbitrary File Upload	79.2	9.9	May 29, 2023
Leyka<= 3.30.2 Privilege Escalation	13.2	8.8	May 22, 2023
Link Whisper Free<= 0.6.3 Broken Access Control	13	6.5	Mar 28, 2023
Easy Digital Downloads3.1-3.1.1.4.1 Privilege Escalation	58.8	9.8	Apr 21, 2023
If Menu<= 0.16.3 Broken Access Control	39	6.5	Oct 20, 2022
WordPress Email Marketing Plugin – WP Email Capture<= 3.10 Sensitive Data Exposure	10.6	5.3	Feb 28, 2023
WP-RecentComments<= 2.2.7 Broken Access Control	5.4	5.4	Jan 19, 2023
Auto Affiliate Links<= 6.2.1.5 Privilege Escalation	6.5	6.5	Nov 23, 2022
WordPress Form Builder Plugin – Gutenberg Forms<= 2.2.8.3 Broken Access Control	6.5	6.5	Dec 5, 2022
Analytify<= 4.2.3 Privilege Escalation	19.5	6.5	Nov 29, 2022
Robo Gallery<= 3.2.9 Broken Access Control	16.2	5.4	Nov 24, 2022
Post Teaser<= 4.1.5 Broken Access Control	5.4	5.4	Sep 29, 2022
Afterpay Gateway for WooCommerce<= 3.5.0 Cross Site Scripting (XSS)	N/A	4.7	No date
Better Click To Tweet<= 5.10.3 Broken Access Control	5.3	5.3	Nov 23, 2022
WP-FormAssembly<= 2.0.5 Directory Traversal	N/A	6.5	No date
Plugin for Google Reviews<= 2.2.2 Broken Access Control	N/A	4.3	No date
WooSwipe WooCommerce Gallery<= 3.0.2 Broken Access Control	N/A	5.4	No date
ULTIMATE TABLES<= 1.6.5 Cross Site Scripting (XSS)	N/A	6.1	No date
LoginPress<= 1.6.2 Broken Access Control	N/A	5.3	No date
Permalink Manager Lite<= 2.2.20 Broken Access Control	N/A	6.5	No date
Subscribe to Category<= 2.7.4 Broken Access Control	N/A	4.3	No date
Modula Image Gallery<= 2.6.9 Broken Access Control	N/A	6.5	No date
Advanced Floating Content<= 1.2.1 Cross Site Scripting (XSS)	N/A	4.1	No date
Welcart e-Commerce<= 2.7.7 Directory Traversal	N/A	7.5	No date
WP Smart Import<= 1.0.2 Cross Site Scripting (XSS)	N/A	6.1	No date
CRM Perks Forms<= 1.1.0 Cross Site Scripting (XSS)	N/A	6.1	No date
FontMeister<= 1.08 Cross Site Scripting (XSS)	N/A	6.1	No date
Photospace Gallery<= 2.3.5 Broken Access Control	N/A	5.4	No date
Pop-up<= 1.1.5 Privilege Escalation	N/A	5.4	No date
ActiveDEMAND<= 0.2.27 Broken Authentication	N/A	6.5	No date
GS Testimonial Slider<= 1.9.5 Cross Site Scripting (XSS)	N/A	4.8	No date
Custom Product Tabs for WooCommerce<= 1.7.7 Broken Authentication	N/A	5.3	No date
Images Slideshow by 2J<= 1.3.54 Cross Site Scripting (XSS)	N/A	7.1	No date
Ravpage<= 2.27 Cross Site Scripting (XSS)	N/A	6.1	No date
ShortPixel Adaptive Images<= 3.3.1 Broken Access Control	N/A	4.3	No date
FV Flowplayer Video Player<= 7.5.15.727 SQL Injection	N/A	6.6	No date
AMP for WP<= 1.0.77.31 Cross Site Scripting (XSS)	N/A	4.8	No date
Ivory Search<= 4.6.6 Cross Site Scripting (XSS)	N/A	4.8	No date
Testimonial Rotator<= 3.0.3 Cross Site Scripting (XSS)	N/A	6.5	No date
Ivory Search<= 4.5.10 Cross Site Scripting (XSS)	N/A	7.1	No date
Constant Contact Forms<= 1.8.7 Cross Site Scripting (XSS)	N/A	5.5	No date
WP Customer Reviews<= 3.4.2 Cross Site Scripting (XSS)	N/A	N/A	No date
Blog2Social<= 6.3.0 SQL Injection	N/A	8.5	No date
AdRotate Banner Manager<= 5.8.3 SQL Injection	N/A	7.6	No date

Report vulnerabilities to earn bounties and rewards!

Include pending