Dimas Maulana

4147.8

XP

173

Reports

0

Reports, last 90 days

#27

17 Nov, 2025

Lvl 7

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Geo Mashup<= 1.13.16 Local File Inclusion	67.62	9.8	Feb 6, 2025
ACF: Google Font Selector<= 3.0.1 Cross Site Scripting (XSS)	14.2	7.1	Feb 28, 2025
Anything Popup<= 7.3 Cross Site Scripting (XSS)	14.2	7.1	Feb 6, 2025
Arrival<= 1.4.5 Local File Inclusion	45	7.5	Feb 12, 2025
Opstore<= 1.4.5 Local File Inclusion	45	7.5	Feb 20, 2025
Xews Lite<= 1.0.9 Local File Inclusion	45	7.5	Feb 20, 2025
Checkout Field Visibility for WooCommerce<= 1.3.0 Local File Inclusion	45	7.5	Feb 20, 2025
Product Lister for eBay<= 2.0.9 Local File Inclusion	45	7.5	Feb 28, 2025
CWW Portfolio<= 1.3.1 Local File Inclusion	45	7.5	Feb 14, 2025
Grace Mag<= 1.1.5 Local File Inclusion	45	7.5	Feb 16, 2025
License For Envato<= 1.0.0 Local File Inclusion	45	7.5	Feb 7, 2025
Capturly<= 2.0.1 Local File Inclusion	45	7.5	Feb 17, 2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light<= 2.4.37 Local File Inclusion	45	7.5	Feb 24, 2025
AdminQuickbar<= 1.9.1 Cross Site Scripting (XSS)	14.2	7.1	Feb 28, 2025
Smart Agreements<= 1.0.3 Local File Inclusion	45	7.5	Feb 28, 2025
Docket Cache<= 24.07.02 Local File Inclusion	45	7.5	Feb 24, 2025
hockeydata LOS<= 1.2.4 Local File Inclusion	45	7.5	Feb 28, 2025
ZooEffect<= 1.11 Cross Site Scripting (XSS)	14.2	7.1	Feb 19, 2025
Advanced Custom Fields: Link Picker Field<= 1.2.8 Cross Site Scripting (XSS)	14.2	7.1	Feb 28, 2025
Advance WP Query Search Filter<= 1.0.10 Cross Site Scripting (XSS)	14.2	7.1	Mar 1, 2025
Coming Soon, Maintenance Mode<= 1.1.1 Local File Inclusion	45	7.5	Feb 28, 2025
Arkhe<= 3.12.0 Cross Site Request Forgery (CSRF)	12.15	8.1	Feb 11, 2025
Affiliate Links Lite<= 3.1.0 Cross Site Scripting (XSS)	14.2	7.1	Feb 5, 2025
Activity Reactions For Buddypress<= 1.0.22 Cross Site Scripting (XSS)	14.2	7.1	Feb 28, 2025
Zephyr Project Manager<= 3.3.101 Cross Site Scripting (XSS)	14.2	7.1	Nov 27, 2024
EventON<= 2.4 Local File Inclusion	52.8	8.8	Jan 21, 2025
IDonate<= 2.1.14 Local File Inclusion	48.6	8.1	Oct 31, 2024
Fami WooCommerce Compare<= 1.0.5 Local File Inclusion	45	7.5	Feb 24, 2025
Bulk NoIndex & NoFollow Toolkit<= 2.16 Cross Site Scripting (XSS)	14.2	7.1	Feb 15, 2025
Actionwear products sync<= 2.3.3 SQL Injection	17	8.5	Dec 17, 2024
InstaWP Connect<= 0.1.0.82 Local File Inclusion	90	7.5	Feb 6, 2025
Accounting for WooCommerce<= 1.6.8 Local File Inclusion	51.75	7.5	Feb 17, 2025
Hide My WP Ghost<= 5.4.01 Local File Inclusion	288	9.6	Feb 25, 2025
GetShop ecommerce<= 1.3 Local File Inclusion	48.6	8.1	Oct 29, 2024
HUSKY<= 1.3.6.4 Local File Inclusion	90	7.5	Feb 7, 2025
WC Place Order Without Payment<= 2.6.7 Local File Inclusion	45	7.5	Feb 7, 2025
Funnel Builder by FunnelKit<= 3.9.0 Local File Inclusion	90	7.5	Feb 2, 2025
Web Accessibility By accessiBe<= 2.5 Cross Site Scripting (XSS)	14.2	7.1	Feb 3, 2025
Frontend Admin by DynamiApps<= 3.25.17 Cross Site Scripting (XSS)	14.2	7.1	Feb 3, 2025
Atarim<= 4.1.0 Cross Site Scripting (XSS)	16.33	7.1	Feb 6, 2025
Adsmonetizer<= 3.2.4 Cross Site Scripting (XSS)	14.2	7.1	Feb 4, 2025
FULL Customer<= 3.1.26 Local File Inclusion	90	7.5	Jan 21, 2025
Calculator Builder<= 1.6.2 Local File Inclusion	45	7.5	Jan 18, 2025
All push notification for WP<= 1.5.3 Cross Site Scripting (XSS)	N/A	7.1	Oct 30, 2024
Image Rotator<= 2.0 Cross Site Scripting (XSS)	N/A	7.1	Oct 30, 2024
Appointment Buddy Widget<= 1.2 Cross Site Scripting (XSS)	N/A	7.1	Oct 30, 2024
Fami Sales Popup<= 2.0.0 Local File Inclusion	45	7.5	Jan 21, 2025
Delete Comments By Status<= 2.1.1 Local File Inclusion	45	7.5	Jan 21, 2025
Morkva UA Shipping<= 1.0.18 Local File Inclusion	48.6	8.1	Dec 29, 2024
Admin Options Pages<= 0.9.7 Cross Site Scripting (XSS)	14.2	7.1	Dec 16, 2024
4 author cheer up donate<= 1.3 Cross Site Scripting (XSS)	14.2	7.1	Oct 29, 2024
FAT Event Lite<= 1.1 Local File Inclusion	48.6	8.1	Dec 24, 2024
Rezgo<= 4.17 Local File Inclusion	48.6	8.1	Oct 31, 2024
Build App Online<= 1.0.23 Local File Inclusion	58.8	9.8	Oct 31, 2024
Food Store – Online Food Delivery & Pickup<= 1.5.3 Cross Site Scripting (XSS)	14.2	7.1	Jul 25, 2024
DirectoryPress<= 3.6.19 Cross Site Request Forgery (CSRF)	3.15	7.1	Jun 30, 2024
Wp advertising management<= 1.0.3 Cross Site Scripting (XSS)	14.2	7.1	Oct 30, 2024
AcyMailing SMTP Newsletter< 9.11.1 Cross Site Scripting (XSS)	14.2	7.1	Nov 30, 2024
WP24 Domain Check<= 1.10.14 Cross Site Scripting (XSS)	14.2	7.1	Nov 26, 2024
Ads Booster by Ads Pro<= 1.12 Local File Inclusion	48.6	8.1	Oct 29, 2024
MDTF<= 1.3.3.4 Bypass Vulnerability	14.6	7.3	Sep 25, 2024
CURCY<= 2.2.3 Cross Site Scripting (XSS)	14.2	7.1	Aug 29, 2024
Robokassa payment gateway for Woocommerce<= 1.6.1 Cross Site Scripting (XSS)	14.2	7.1	Aug 25, 2024
BA Book Everything<= 1.6.20 Cross Site Scripting (XSS)	28.4	7.1	Jun 26, 2024
WP Bulk Delete<= 1.3.1 Cross Site Scripting (XSS)	42.6	7.1	Sep 24, 2024
YellowPencil Visual CSS Style Editor<= 7.6.4 Cross Site Scripting (XSS)	42.6	7.1	Sep 26, 2024
Loops & Logic<= 4.1.4 Cross Site Scripting (XSS)	14.2	7.1	Aug 28, 2024
Share This Image<= 2.01 Cross Site Scripting (XSS)	14.2	7.1	Aug 26, 2024
SKT Templates – Elementor & Gutenberg templates<= 6.14 Cross Site Scripting (XSS)	14.2	7.1	Aug 27, 2024
Invite Anyone<= 1.4.7 Cross Site Scripting (XSS)	14.2	7.1	Jul 26, 2024
Child Theme Creator<= 1.5.4 Cross Site Scripting (XSS)	14.2	7.1	Jul 29, 2024
Post Grid Master<= 3.4.10 Cross Site Scripting (XSS)	14.2	7.1	Jun 25, 2024
Message Filter for Contact Form 7<= 1.6.1.1 Cross Site Scripting (XSS)	14.2	7.1	Jun 30, 2024
Custom 404 Pro<= 3.11.1 Cross Site Scripting (XSS)	32.66	7.1	Jun 30, 2024
Zoho CRM Lead Magnet<= 1.7.8.8 Cross Site Scripting (XSS)	24.85	7.1	Feb 22, 2024
Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps<= 1.36.12 Cross Site Scripting (XSS)	14.2	7.1	Apr 26, 2024
Multisite Content Copier/Updater<= 2.0.0 Cross Site Scripting (XSS)	24.85	7.1	Feb 28, 2024
AdPush<= 1.50 Cross Site Scripting (XSS)	24.85	7.1	Feb 26, 2024
Simple Responsive Slider<= 0.2.2.5 Cross Site Scripting (XSS)	14.2	7.1	May 28, 2024
MBE eShip<= 2.2.4 Cross Site Scripting (XSS)	14.2	7.1	May 28, 2024
WP Directory Kit<= 1.3.5 Cross Site Scripting (XSS)	14.2	7.1	Jun 25, 2024
bbPress Notify<= 2.18.3 Cross Site Scripting (XSS)	14.2	7.1	Jun 26, 2024
Social Rocket<= 1.3.3 Cross Site Scripting (XSS)	14.2	7.1	May 28, 2024
All In One Redirection<= 2.2.0 Cross Site Scripting (XSS)	24.85	7.1	Feb 22, 2024
WPPizza<= 3.18.13 Cross Site Scripting (XSS)	14.2	7.1	May 28, 2024
Link Library<= 7.6.3 Cross Site Scripting (XSS)	14.2	7.1	Feb 28, 2024
GiveWP<= 3.12.0 Cross Site Scripting (XSS)	56.8	7.1	Apr 29, 2024
FV Flowplayer Video Player<= 7.5.45.7212 Cross Site Scripting (XSS)	28.4	7.1	Apr 26, 2024
Landing Page Builder<= 1.5.1.8 Cross Site Scripting (XSS)	14.2	7.1	Mar 22, 2024
Webpushr<= 4.35.0 Cross Site Scripting (XSS)	14.2	7.1	Jan 25, 2024
RegistrationMagic<= 5.3.2.0 Cross Site Scripting (XSS)	14.2	7.1	Mar 27, 2024
WPify Woo Czech<= 4.0.10 Cross Site Scripting (XSS)	14.2	7.1	Mar 27, 2024
Sliding Widgets<= 1.5.0 Broken Access Control	6.5	6.5	Jan 3, 2024
Xserver Migrator<= 1.6.2 Cross Site Request Forgery (CSRF)	4.8	9.6	Jan 5, 2024
Sticky Anything<= 2.1.5 Broken Access Control	14.2	7.1	Jan 5, 2024
Easy Set Favicon<= 1.1 Cross Site Scripting (XSS)	14.2	7.1	Jan 3, 2024
LearnPress Export Import<= 4.0.3 Cross Site Scripting (XSS)	14.2	7.1	Jan 18, 2024
Slider by 10Web<= 1.2.54 Cross Site Scripting (XSS)	28.4	7.1	Jan 25, 2024
eCommerce Product Catalog<= 3.3.32 Cross Site Scripting (XSS)	24.85	7.1	Feb 27, 2024
Related Posts for WordPress<= 4.0.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Jan 6, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending