Pricing
Solutions
WordPress security
Instantly fix and mitigate vulnerabilities
Plugin auditing
Paid auditing for WordPress vendors
Managed VDP
Start a security program for your plugins
Bug Bounty
Join the community and earn bounties
Enterprise API
At scale monitoring and vPatching for hosts
Vulnerability database
The latest WordPress security intelligence
Login
Start trial
Martino Spagnuolo (r3verii)
1564.58
XP
98
Reports
0
Reports, last 90 days
#11
17 Nov, 2025
Lvl 4
0
0
0
0
Website
X
GitHub
Sort by
Priority
Severity
Exploited
Search
Affected software | Vulnerability
CVE
AXP
Severity
Reported
Bonus for Woo
<= 7.4.6
Other Vulnerability Type
N/A
5.3
Jun 17, 2025
Invelity MyGLS connect
<= 1.1.1
Cross Site Request Forgery (CSRF)
4.4
8.8
Jun 10, 2025
Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One
<= 2.2.9
Server Side Request Forgery (SSRF)
N/A
4.9
Jun 6, 2025
Shk Corporate
<= 2.4.1.1
Broken Access Control
N/A
4.3
Jun 10, 2025
SoftMe
<= 1.1.27
Broken Access Control
N/A
4.3
Jun 10, 2025
Booking System Trafft
<= 1.0.14
Cross Site Scripting (XSS)
3.25
6.5
Jun 6, 2025
WP Easy Contact
<= 4.0.1
PHP Object Injection
16.2
8.1
May 27, 2025
WP Ticket Customer Service Software & Support Ticket System
<= 6.0.2
PHP Object Injection
24.3
8.1
May 27, 2025
Employee Spotlight
<= 5.1.1
PHP Object Injection
24.3
8.1
May 27, 2025
YouTube Showcase
<= 3.5.1
PHP Object Injection
32.4
8.1
May 26, 2025
Employee Directory – Staff Listing & Team Directory Plugin for WordPress
<= 4.5.3
PHP Object Injection
16.2
8.1
May 27, 2025
CubeWP
<= 1.1.24
Privilege Escalation
26.4
8.8
Jun 10, 2025
StoryMap
<= 2.1
Cross Site Request Forgery (CSRF)
4.1
8.2
May 30, 2025
Infility Global
<= 2.14.28
Arbitrary File Download
9.75
6.5
Mar 28, 2025
Forms
<= 2.9.0
Arbitrary File Upload
N/A
9.9
Apr 22, 2025
Prevent files / folders access
<= 2.6.0
Path Traversal
6.5
6.5
Jun 5, 2025
BuddyPress XProfile Custom Image Field
<= 3.0.1
Arbitrary File Deletion
25.8
8.6
Jun 10, 2025
DELUCKS SEO
<= 2.6.0
Privilege Escalation
19.8
8.8
Jun 17, 2025
Breeze Checkout
<= 1.4.0
Broken Access Control
6.5
6.5
Jun 19, 2025
Residential Address Detection
<= 2.5.9
Broken Access Control
N/A
5.3
Jun 15, 2025
Stop and Block bots plugin Anti bots
<= 1.48
Broken Access Control
7.95
5.3
Jun 15, 2025
Hestia
<= 3.2.10
Broken Access Control
N/A
5.3
Jun 10, 2025
Formality
<= 1.5.9
Local File Inclusion
16.2
8.1
May 30, 2025
ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes
<= 1.4.9
SQL Injection
17
8.5
Mar 29, 2025
Email Attachment by Order Status & Products
<= 1.0.1
Cross Site Scripting (XSS)
7.1
7.1
Jun 14, 2025
CoSchool LMS
<= 1.4.3
SQL Injection
8.5
8.5
Jun 14, 2025
WP-BusinessDirectory
<= 3.1.3
SQL Injection
37.2
9.3
Apr 30, 2025
Official Integration for Billingo
<= 4.2.7
Privilege Escalation
5.4
7.2
Jun 10, 2025
Templazee
<= 1.0.2
Broken Access Control
N/A
5.4
Jun 9, 2025
Internal Linking of Related Contents
<= 1.1.8
Broken Access Control
13
6.5
May 29, 2025
Ultimate Push Notifications
<= 1.2.0
Broken Access Control
6.5
6.5
May 20, 2025
Infility Global
<= 2.13.4
Cross Site Scripting (XSS)
14.2
7.1
Mar 28, 2025
Torod
<= 1.9
SQL Injection
18.6
9.3
Jun 4, 2025
fluXtore
<= 1.6.0
Broken Access Control
N/A
5.3
Jun 4, 2025
LMSACE Connect
<= 3.4
Broken Access Control
N/A
4.3
Jun 5, 2025
Click & Pledge Connect
<= 25.04010101-WP6.8
Privilege Escalation
58.8
9.8
Apr 29, 2025
Accept Authorize.NET Payments Using Contact Form 7
<= 2.5
Sensitive Data Exposure
N/A
5.3
May 29, 2025
Accept Stripe Payments Using Contact Form 7
<= 3.0
Sensitive Data Exposure
N/A
5.3
May 29, 2025
Audio Editor & Recorder
<= 2.2.3
Sensitive Data Exposure
N/A
5.3
Jun 10, 2025
TicketBAI Facturas para WooCommerce
<= 3.19
SQL Injection
37.2
9.3
Apr 30, 2025
Persian Woocommerce SMS
<= 7.0.10
SQL Injection
7.6
7.6
May 16, 2025
Spice Blocks
<= 2.0.7.4
Arbitrary File Download
22.5
7.5
Apr 15, 2025
Welcart e-Commerce
<= 2.11.13
Arbitrary File Deletion
10.2
6.8
Apr 12, 2025
MyStyle Custom Product Designer
<= 3.21.1
SQL Injection
37.2
9.3
Apr 23, 2025
WP Posts Carousel
<= 1.3.12
PHP Object Injection
13.2
8.8
Apr 9, 2025
Infility Global
<= 2.14.28
SQL Injection
17
8.5
Mar 28, 2025
Infocob CRM Forms
<= 2.4.0
Arbitrary File Download
N/A
4.9
Apr 22, 2025
Binary MLM Plan
<= 3.0
SQL Injection
30.4
7.6
Mar 24, 2025
RSVPMarker
<= 11.5.6
SQL Injection
N/A
8.5
Apr 23, 2025
BERTHA AI
<= 1.13
Broken Access Control
3.23
4.3
Apr 16, 2025
EventON
<= 2.4.4
Broken Access Control
10.6
5.3
Apr 11, 2025
Tainacan
<= 0.21.14
Arbitrary File Deletion
59.34
8.6
Apr 16, 2025
WC Affiliate
<= 2.13
PHP Object Injection
19.6
8.8
Mar 26, 2025
6Storage Rentals
<= 2.19.9
Broken Access Control
9.75
6.5
Apr 3, 2025
STAGGS
<= 2.11.0
Arbitrary File Upload
60
10
Mar 31, 2025
Facturante
<= 1.11
SQL Injection
37.2
9.3
Apr 7, 2025
WPC Product Options for WooCommerce
<= 1.8.6
Local File Inclusion
25.88
7.5
Apr 16, 2025
SMS Alert Order Notifications
<= 3.8.1
SQL Injection
37.2
9.3
Mar 20, 2025
Eventin
<= 4.0.26
Arbitrary File Download
22.5
7.5
Mar 20, 2025
Credova_Financial
<= 2.5.0
Cross Site Request Forgery (CSRF)
N/A
4.3
Mar 23, 2025
Nomupay Payment Processing Gateway
<= 7.1.7
Arbitrary File Download
N/A
4.9
Apr 13, 2025
Visual Builder
<= 1.2.2
Broken Access Control
14.2
7.1
Apr 14, 2025
Crossword Compiler Puzzles
<= 5.2
Arbitrary File Upload
29.7
9.9
Apr 17, 2025
Watu Quiz
<= 3.4.3
SQL Injection
N/A
7.6
Apr 11, 2025
Appointment Booking Calendar
<= 1.3.92
Cross Site Request Forgery (CSRF)
8.2
8.2
Apr 10, 2025
Event post
<= 5.9.11
Cross Site Scripting (XSS)
9.75
6.5
Mar 20, 2025
Web Directory Free
<= 1.7.8
Cross Site Scripting (XSS)
14.2
7.1
Mar 26, 2025
StoreContrl Woocommerce
<= 4.1.3
Arbitrary File Download
22.5
7.5
Mar 26, 2025
Taskbuilder
<= 4.0.1
SQL Injection
17
8.5
Mar 24, 2025
Debug Log Manager
<= 2.3.4
Cross Site Scripting (XSS)
14.2
7.1
Jan 21, 2025
Vitepos
<= 3.1.7
Broken Authentication
21.6
7.2
Mar 16, 2025
Hostel
<= 1.1.5.6
SQL Injection
N/A
7.6
Mar 29, 2025
WPCOM Member
<= 1.7.7
Local File Inclusion
19.8
8.8
Mar 18, 2025
WowStore
<= 4.2.4
Broken Access Control
4.3
4.3
Mar 14, 2025
Material Dashboard
<= 1.4.6
Privilege Escalation
58.8
9.8
Mar 31, 2025
Projectopia
<= 5.1.19
Privilege Escalation
58.8
9.8
Feb 15, 2025
Ray Enterprise Translation
<= 1.7.0
Local File Inclusion
45
7.5
Mar 28, 2025
Squeeze
<= 1.6
Arbitrary File Upload
N/A
9.1
Feb 10, 2025
Squeeze
<= 1.6
Full Path Disclosure (FPD)
N/A
2.7
Feb 10, 2025
WP User Profiles
<= 2.6.2
Privilege Escalation
26.4
8.8
Feb 16, 2025
Survey Maker
<= 5.1.6.3
Bypass Vulnerability
8.6
4.3
Jan 27, 2025
Falling things
<= 1.08
SQL Injection
N/A
7.6
Feb 4, 2025
Secure Copy Content Protection and Content Locking
<= 4.5.5
Cross Site Scripting (XSS)
N/A
5.9
Jan 27, 2025
VPSUForm
<= 3.1.9
Cross Site Scripting (XSS)
14.2
7.1
Mar 11, 2025
Countdown & Clock
<= 2.8.8
Remote Code Execution (RCE)
22.28
9.9
Mar 6, 2025
Labinator Content Types Duplicator
<= 1.1.3
Cross Site Request Forgery (CSRF)
N/A
4.3
Feb 5, 2025
Secure Copy Content Protection and Content Locking
<= 4.4.3
Cross Site Scripting (XSS)
14.2
7.1
Jan 27, 2025
Quiz Maker
<= 6.6.8.7
SQL Injection
32.8
8.2
Mar 12, 2025
WP Posts Carousel
<= 1.3.8
Cross Site Scripting (XSS)
4.88
6.5
Mar 20, 2025
Ads by WPQuads
<= 2.0.87.1
Broken Access Control
30
7.5
Feb 28, 2025
Rapyd Payment Extension for WooCommerce
<= 1.2.0
PHP Object Injection
39.2
9.8
Mar 15, 2025
Ads by WPQuads
<= 2.0.87.1
SQL Injection
74.4
9.3
Feb 24, 2025
Chartify
<= 3.1.7
Cross Site Scripting (XSS)
N/A
5.9
Jan 30, 2025
WP Google Review Slider
<= 16.0
Cross Site Request Forgery (CSRF)
16.4
8.2
Mar 10, 2025
Support Genix
<= 1.4.11
Insecure Direct Object References (IDOR)
N/A
4.3
Mar 11, 2025
FlexStock
<= 3.13.1
SQL Injection
N/A
7.6
Mar 13, 2025
Search with Typesense
<= 2.0.8
Path Traversal
N/A
6.8
Feb 14, 2025
Survey Maker
<= 5.1.3.5
Cross Site Scripting (XSS)
N/A
5.9
Jan 27, 2025
Report vulnerabilities to earn bounties and rewards!
Read more
Include pending
Back to top