Rafshanzani Suhada

Say thanks

907.11

XP

78

Reports

0

Reports, last 90 days

#12

17 Nov, 2025

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Post Grid and Gutenberg Blocks<= 2.2.64 Cross Site Scripting (XSS)	N/A	6.5	No date
BP Better Messages<= 2.4.0 Cross Site Scripting (XSS)	4.88	6.5	Jul 31, 2023
Aparat<= 1.7.1 Cross Site Scripting (XSS)	4.88	6.5	Jul 31, 2023
Visitors Traffic Real Time Statistics<= 7.2 Broken Access Control	12.9	4.3	May 30, 2023
Popup by Supsystic<= 1.10.19 Arbitrary File Download	15.9	5.3	Jun 30, 2023
WP ULike<= 4.6.8 Cross Site Scripting (XSS)	14.63	6.5	Feb 28, 2023
Contact Form builder with drag & drop - Kali Forms<= 2.3.28 Broken Access Control	13	6.5	Feb 28, 2023
Simple File List<= 6.1.9 Arbitrary File Deletion	7.5	7.5	Jan 5, 2023
AcyMailing SMTP Newsletter<= 8.6.2 Cross Site Scripting (XSS)	14.2	7.1	Jul 31, 2023
Automatic YouTube Gallery<= 2.3.3 Broken Access Control	4.3	4.3	Jul 31, 2023
Super Socializer<= 7.13.54 Broken Access Control	8.6	4.3	May 30, 2023
Directorist<= 7.7.1 CSV Injection	5.1	5.1	Jan 8, 2023
Email posts to subscribers<= 6.2 Cross Site Scripting (XSS)	N/A	5.9	Dec 29, 2022
Email posts to subscribers<= 6.2 Sensitive Data Exposure	5.3	5.3	Dec 29, 2022
Collapse-O-Matic<= 1.8.5.8 Cross Site Scripting (XSS)	14.63	6.5	Feb 28, 2023
Master Addons for Elementor<= 2.0.5.3 Broken Access Control	26	6.5	Feb 14, 2023
Slimstat Analytics<= 5.0.5.1 Broken Access Control	26	6.5	May 27, 2023
Simple URLs<= 117 Broken Access Control	5.4	5.4	Jun 30, 2023
Simple URLs<= 118 Cross Site Scripting (XSS)	4.88	6.5	Jun 30, 2023
Simple URLs<= 117 Cross Site Scripting (XSS)	14.2	7.1	Jun 30, 2023
Cost Calculator Builder<= 3.1.42 Broken Access Control	5.4	5.4	Feb 28, 2023
Popup by Supsystic<= 1.10.19 Broken Access Control	10.6	5.3	Jun 30, 2023
Photo Engine<= 6.2.5 Insecure Direct Object References (IDOR)	5.4	5.4	Jan 6, 2023
KB Support<= 1.5.88 Broken Access Control	4.3	4.3	Jan 9, 2023
Layer Slider<= 1.1.9.7 Cross Site Scripting (XSS)	6.5	6.5	Jan 10, 2023
Form Builder<= 1.9.9.0 CSV Injection	4.7	4.7	Jan 10, 2023
Email download link<= 3.7 Sensitive Data Exposure	5.3	5.3	Dec 30, 2022
MaxButtons<= 9.5.3 Cross Site Scripting (XSS)	26	6.5	Jan 9, 2023
Spam protection, AntiSpam, FireWall by CleanTalk<= 6.10 Broken Access Control	44	8.8	May 28, 2023
Photo Gallery by 10Web<= 1.8.15 Broken Access Control	21.5	4.3	May 27, 2023
Super Socializer<= 7.13.52 Cross Site Scripting (XSS)	9.75	6.5	May 30, 2023
Form Builder<= 1.9.9.0 Cross Site Request Forgery (CSRF)	7.1	7.1	Jan 10, 2023
MasterStudy LMS<= 3.0.8 Cross Site Scripting (XSS)	6.5	6.5	Jan 7, 2023
MasterStudy LMS<= 3.0.8 Broken Access Control	6.5	6.5	Jan 7, 2023
Directorist<= 7.5.4 Arbitrary Content Deletion	4.3	4.3	Jan 8, 2023
Groundhogg<= 2.7.11 SQL Injection	N/A	7.6	Dec 31, 2022
Groundhogg<= 2.7.11 Cross Site Request Forgery (CSRF)	5.4	5.4	Dec 31, 2022
Layer Slider<= 1.1.9.7 Cross Site Request Forgery (CSRF)	7.1	7.1	Jan 10, 2023
Simple Job Board<= 2.10.3 Cross Site Request Forgery (CSRF)	4.3	4.3	Jan 5, 2023
Connections Business Directory<= 10.4.36 Cross Site Scripting (XSS)	6.5	6.5	Jan 9, 2023
User Registration<= 2.3.2.1 Broken Access Control	31.8	5.3	Feb 28, 2023
Filebird<= 5.1.4 Broken Access Control	11	5.5	Feb 23, 2023
Easy Table of Contents<= 2.0.45.2 Broken Access Control	27	5.4	Feb 1, 2023
Data Tables Generator by Supsystic<= 1.10.25 Broken Access Control	8.6	4.3	Feb 6, 2023
Site Reviews<= 6.5.0 Broken Access Control	12.9	4.3	Feb 22, 2023
Site Reviews<= 6.5.1 Cross Site Scripting (XSS)	14.63	6.5	Feb 23, 2023
Robo Gallery<= 3.2.12 Cross Site Scripting (XSS)	14.63	6.5	Feb 28, 2023
GiveWP<= 2.25.1 CSV Injection	18.8	4.7	Jan 11, 2023
GiveWP<= 2.25.1 Arbitrary Content Deletion	21.6	5.4	Jan 11, 2023
GiveWP<= 2.25.1 Cross Site Scripting (XSS)	26	6.5	Jan 11, 2023
KB Support<= 1.5.84 CSV Injection	4.4	4.4	Jan 9, 2023
Strong Testimonials<= 3.0.2 Cross Site Scripting (XSS)	26	6.5	Jan 7, 2023
wpDataTables<= 2.1.49 Cross Site Scripting (XSS)	19.5	6.5	Jan 10, 2023
Ditty<= 3.0.32 Cross Site Scripting (XSS)	13	6.5	Jan 10, 2023
Visualizer<= 3.9.4 Cross Site Scripting (XSS)	13	6.5	Jan 11, 2023
Top 10<= 3.2.3 Broken Access Control	8.6	4.3	Feb 15, 2023
RegistrationMagic<= 5.1.9.2 Cross Site Request Forgery (CSRF)	5.4	5.4	Jan 2, 2023
WordPress Social Login and Register<= 7.6.0 Arbitrary Content Deletion	21.2	5.3	Feb 3, 2023
Arigato Autoresponder and Newsletter<= 2.7.1.1 Cross Site Scripting (XSS)	7.1	7.1	Dec 25, 2022
Arigato Autoresponder and Newsletter<= 2.7.1 Cross Site Scripting (XSS)	N/A	5.9	Dec 25, 2022
Icegram Collect<= 1.3.8 Cross Site Scripting (XSS)	N/A	5.9	Dec 29, 2022
Arigato Autoresponder and Newsletter<= 2.7.1.1 Cross Site Scripting (XSS)	6.5	6.5	Jan 7, 2023
Formidable Forms<= 5.5.6 Cross Site Request Forgery (CSRF)	28.4	7.1	Jan 7, 2023
Ocean Extra<= 2.1.1 Cross Site Scripting (XSS)	33	5.5	Jan 19, 2023
Glossary<= 2.1.27 Cross Site Scripting (XSS)	6.5	6.5	Jan 8, 2023
Material Design Icons for Page Builders<= 1.4.2 Cross Site Scripting (XSS)	6.5	6.5	Jan 9, 2023
BNE Testimonials<= 2.0.7 Cross Site Scripting (XSS)	6.5	6.5	Jan 7, 2023
ChatBot<= 4.3.0 Cross Site Scripting (XSS)	N/A	5.9	Dec 28, 2022
ChatBot<= 4.2.8 Cross Site Request Forgery (CSRF)	5.4	5.4	Dec 28, 2022
Blocksy Companion<= 1.8.67 Cross Site Scripting (XSS)	22	5.5	Jan 19, 2023
WP Popups<= 2.1.4.8 Cross Site Scripting (XSS)	13	6.5	Jan 3, 2023
AutomatorWP<= 2.5.0 Cross Site Request Forgery (CSRF)	4.3	5.4	Jan 4, 2023
Booking Calendar<= 9.4.3 SQL Injection	N/A	7.6	Jan 4, 2023
WP Client Reports<= 1.0.16 Sensitive Data Exposure	4.3	4.3	Jan 5, 2023
Heateor Social Comments<= 1.6.1 Cross Site Scripting (XSS)	6.5	6.5	Jan 7, 2023
WP Airbnb Review Slider<= 3.2 Cross Site Request Forgery (CSRF)	7.1	7.1	Jan 7, 2023
WP Maps<= 4.3.9 Cross Site Scripting (XSS)	23.6	5.9	Jan 10, 2023
Pods<= 2.9.10.2 Cross Site Request Forgery (CSRF)	28.4	7.1	Jan 9, 2023
TemplatesNext ToolKit<= 3.2.7 Cross Site Scripting (XSS)	6.5	6.5	Jan 7, 2023

Report vulnerabilities to earn bounties and rewards!

Include pending