Dhabaleshwar Das

1562.04

XP

298

Reports

0

Reports, last 90 days

#32

17 Nov, 2025

Lvl 4

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
VikRestaurants Table Reservations and Take-Away<= 1.3.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 18, 2024
REVE Chat<= 6.3.7 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 15, 2024
Chat2<= 4.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 28, 2024
WordPress Events Calendar Plugin – connectDaily<= 1.5.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 2, 2025
CRM WordPress Plugin – RepairBuddy<= 3.8213 Broken Access Control	N/A	4.3	Dec 31, 2024
Astra Security Suite<= 0.2 Broken Access Control	10.6	5.3	Dec 24, 2024
Apimo Connector<= 2.6.3.1 Cross Site Request Forgery (CSRF)	N/A	4.3	Dec 26, 2024
Appointy Appointment Scheduler<= 4.2.1 Cross Site Request Forgery (CSRF)	3.25	6.5	Dec 26, 2024
DesignO<= 2.5.0 Cross Site Request Forgery (CSRF)	N/A	4.3	Dec 28, 2024
VikBooking Hotel Booking Engine & PMS<= 1.7.2 Cross Site Request Forgery (CSRF)	3.25	6.5	Dec 20, 2024
Essential Real Estate<= 5.1.8 Cross Site Request Forgery (CSRF)	2.15	4.3	Dec 31, 2024
VikAppointments Services Booking Calendar<= 1.2.16 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 20, 2024
AI WP Writer<= 3.8.4.4 Cross Site Request Forgery (CSRF)	2.15	4.3	Nov 29, 2024
Hive Support<= 1.1.6 Broken Access Control	N/A	4.3	Dec 6, 2024
AI for SEO<= 1.2.9 Broken Access Control	8.6	4.3	Nov 29, 2024
PixelYourSite – Your smart PIXEL (TAG) Manager<= 10.0.1.2 Cross Site Request Forgery (CSRF)	16.2	5.4	Nov 27, 2024
MyBookTable Bookstore<= 3.5.3 Cross Site Request Forgery (CSRF)	2.7	5.4	Nov 24, 2024
WP Wand<= 1.2.5 Broken Access Control	2.15	5.3	Dec 7, 2024
WP Mailster<= 1.8.17.0 Sensitive Data Exposure	12.19	5.3	Nov 22, 2024
WP Visitor Statistics (Real Time Traffic)<= 7.5 Broken Access Control	8.6	4.3	Jun 30, 2024
Event Espresso 4 Decaf<= 5.0.28.decaf Cross Site Request Forgery (CSRF)	2.15	4.3	Nov 21, 2024
WP Mailster<= 1.8.17.0 Cross Site Request Forgery (CSRF)	2.47	4.3	Nov 22, 2024
AIcomments<= 1.4.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Nov 30, 2024
AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot<= 1.6.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Nov 30, 2024
AutoWP<= 2.0.8 Cross Site Request Forgery (CSRF)	2.15	4.3	Nov 30, 2024
Icegram Collect<= 1.3.14 Broken Access Control	5.4	5.4	Jun 26, 2024
Icegram<= 3.1.24 Broken Access Control	10.6	5.3	Jun 26, 2024
Analytify<= 5.3.1 Broken Access Control	8.6	4.3	Jun 8, 2024
Smart Online Order for Clover<= 1.5.6 Broken Access Control	4.95	4.3	Feb 15, 2024
Smart Online Order for Clover<= 1.5.6 Broken Access Control	12.19	5.3	Feb 16, 2024
Advanced Cron Manager – debug & control<= 2.5.9 Broken Access Control	8.6	4.3	Apr 21, 2024
Icegram<= 3.1.24 Broken Access Control	10.6	5.3	Jun 26, 2024
Arconix FAQ<= 1.9.4 Broken Access Control	10.6	5.3	Jun 18, 2024
Arconix Shortcodes<= 2.1.11 Broken Access Control	10.6	5.3	Jun 11, 2024
Matomo Analytics<= 5.1.1 Cross Site Request Forgery (CSRF)	N/A	4.3	Feb 23, 2024
Oceanic<= 1.0.48 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
i-transform<= 3.0.9 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Popularis Verse<= 1.1.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024
EleForms<= 2.9.9.9 Broken Access Control	10.6	5.3	Feb 28, 2024
Packlink PRO shipping module<= 3.4.6 Broken Access Control	5.4	5.4	Mar 18, 2024
Patricia Blog<= 1.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
i-amaze<= 1.3.7 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Product Delivery Date for WooCommerce – Lite<= 2.7.2 Broken Access Control	10.6	5.3	Jun 10, 2024
Internal Link Juicer: SEO Auto Linker for WordPress<= 2.24.3 Cross Site Request Forgery (CSRF)	6.45	4.3	Jun 8, 2024
Patricia Lite<= 1.2.3 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
SociallyViral<= 1.0.10 Cross Site Request Forgery (CSRF)	N/A	4.3	Jan 27, 2024
Point<= 1.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 25, 2024
Get Better Reviews for WooCommerce<= 4.0.6 Broken Access Control	4.95	4.3	Feb 17, 2024
Swift Performance Lite<= 2.3.6.20 Cross Site Request Forgery (CSRF)	2.15	4.3	Jun 8, 2024
Business One Page<= 1.2.9 Broken Access Control	4.3	4.3	Jan 30, 2024
Lawyer Landing Page<= 1.2.4 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Charitable<= 1.8.1.7 Broken Access Control	13	6.5	Jun 8, 2024
Construction Landing Page<= 1.3.5 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Rara Business<= 1.2.5 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Metro Magazine<= 1.3.7 Broken Access Control	4.3	4.3	Jan 30, 2024
Bakes And Cakes<= 1.2.6 Broken Access Control	4.3	4.3	Jan 30, 2024
Posterity<= 3.3 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 29, 2024
Rife Free<= 2.4.18 Cross Site Request Forgery (CSRF)	4.3	4.3	Jan 29, 2024
Bard<= 2.210 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024
Ashe<= 2.233 Cross Site Request Forgery (CSRF)	6.45	4.3	Jan 28, 2024
Trendy News<= 1.0.15 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 27, 2024
Newsmatic<= 1.3.1 Broken Access Control	10.6	5.3	Jan 27, 2024
Hestia<= 3.1.2 Cross Site Request Forgery (CSRF)	8.6	4.3	Jan 27, 2024
Highlight<= 1.0.29 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024
Schema Lite<= 1.2.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 26, 2024
Travel Agency<= 1.4.9 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Benevolent<= 1.3.4 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
OnePress<= 2.3.6 Cross Site Request Forgery (CSRF)	6.45	4.3	Jan 28, 2024
NewsMash<= 1.0.34 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Perfect Portfolio<= 1.2.0 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Mesmerize<= 1.6.120 Cross Site Request Forgery (CSRF)	4.3	4.3	Jan 28, 2024
Elegant Pink<= 1.3.0 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
JobScout<= 1.1.4 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Coachify<= 1.0.7 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Preschool and Kindergarten<= 1.2.1 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Blossom Shop<= 1.1.7 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
WP Mobile Menu<= 2.8.4.3 Cross Site Request Forgery (CSRF)	8.6	4.3	Jun 7, 2024
Travel Monster<= 1.1.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
TrustedLogin Vendor< 1.1.1 Sensitive Data Exposure	12.19	5.3	Mar 5, 2024
Vandana Lite<= 1.1.9 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Falang multilanguage<= 1.3.51 Cross Site Request Forgery (CSRF)	2.15	4.3	Jun 9, 2024
Book Landing Page<= 1.2.3 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Digital Newspaper<= 1.1.5 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 27, 2024
Chic Lite<= 1.1.3 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Education Zone<= 1.3.4 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Vilva<= 1.2.2 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 30, 2024
Hueman<= 3.7.24 Cross Site Request Forgery (CSRF)	4.3	4.3	Jan 29, 2024
Customizr<= 4.4.21 Cross Site Request Forgery (CSRF)	4.3	4.3	Jan 29, 2024
LA-Studio Element Kit for Elementor<= 1.3.6 Broken Access Control	8.6	4.3	Jan 22, 2024
Photo Gallery by 10Web<= 1.8.25 Broken Access Control	21.5	4.3	Jan 22, 2024
Builder for WooCommerce reviews shortcodes – ReviewShort<= 1.01.5 Broken Access Control	13.25	5.3	Feb 8, 2024
Clearfy Cache<= 2.3.2 Cross Site Request Forgery (CSRF)	6.45	4.3	Mar 15, 2024
Fast Custom Social Share by CodeBard<= 1.1.2 Cross Site Request Forgery (CSRF)	2.47	4.3	Mar 19, 2024
JCH Optimize<= 4.2.0 Path Traversal	4.3	4.3	Apr 15, 2024
EmpowerWP<= 1.0.21 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024
Oasis<= 1.0.12 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024
Skyline WP<= 1.0.10 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024
Consus<= 1.0.6 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024
Zeka<= 1.0.9 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024
Niveau<= 1.0.8 Cross Site Request Forgery (CSRF)	2.15	4.3	Jan 28, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending