SOPROBRO

3771.88

XP

749

Reports

0

Reports, last 90 days

#25

17 Nov, 2025

Lvl 6

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Portfolio Manager Lite<= 1.20 Cross Site Scripting (XSS)	14.2	7.1	Oct 6, 2024
Toggles Shortcode and Widget<= 1.14 Cross Site Scripting (XSS)	14.2	7.1	Oct 6, 2024
Info Boxes Shortcode and Widget<= 1.15 Cross Site Scripting (XSS)	14.2	7.1	Oct 6, 2024
Popping Sidebars and Widgets Light<= 1.27 Cross Site Scripting (XSS)	14.2	7.1	Oct 6, 2024
OTW TinyMCE Widget<= 1.7 Cross Site Scripting (XSS)	14.2	7.1	Oct 6, 2024
Quotes Shortcode and Widget<= 1.14 Cross Site Scripting (XSS)	14.2	7.1	Oct 5, 2024
Dropcaps Shortcode and Widget<= 1.8 Cross Site Scripting (XSS)	14.2	7.1	Oct 5, 2024
Post Custom Templates Lite<= 1.14 Cross Site Scripting (XSS)	14.2	7.1	Oct 6, 2024
IP2Location Variables<= 2.9.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 6, 2024
WP_DEBUG Toggle<= 1.1 Cross Site Scripting (XSS)	14.2	7.1	Dec 15, 2024
Related Videos for JW Player<= 1.2.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 26, 2024
Codescar Radio Widget<= 0.4.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 6, 2024
Rentsyst<= 2.0.92 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 9, 2024
ePaper Lister for Yumpu<= 1.4.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 11, 2024
Link Shield<= 0.5.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 12, 2024
MultiMailer<= 1.0.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 13, 2024
ALD Login Page<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 29, 2024
SEO, Nutrition and Print for Recipes by Edamam<= 3.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 11, 2024
WP Calais Auto Tagger<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 15, 2024
Popping Content Light<= 2.4 Cross Site Scripting (XSS)	14.2	7.1	Oct 5, 2024
QR Master<= 1.0.5 Cross Site Scripting (XSS)	14.2	7.1	Oct 5, 2024
Widgetize Pages Light<= 3.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 6, 2024
Rollbar<= 2.7.1 Cross Site Request Forgery (CSRF)	2.7	5.4	Aug 26, 2024
Simple WP Events<= 1.8.17 Cross Site Scripting (XSS)	4.88	6.5	Oct 2, 2024
Search, Filters & Merchandising for WooCommerce<= 3.0.58 Cross Site Scripting (XSS)	4.88	6.5	Dec 5, 2024
Libro de Reclamaciones y Quejas<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Sep 23, 2024
Sidebar Manager Light<= 1.18 Cross Site Request Forgery (CSRF)	3.55	7.1	Sep 20, 2024
Botnet Attack Blocker<= 2.0.0 Cross Site Scripting (XSS)	6.5	6.5	Dec 6, 2024
Advanced Typekit<= 1.0.1 Cross Site Scripting (XSS)	6.5	6.5	Dec 16, 2024
Lexicata<= 1.0.16 Cross Site Scripting (XSS)	14.2	7.1	Oct 8, 2024
Ebook Downloader<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 15, 2024
Ebook Downloader<= 1.0 Cross Site Scripting (XSS)	N/A	6.5	Dec 15, 2024
Norse Rune Oracle Plugin<= 1.4.3 Cross Site Scripting (XSS)	N/A	6.5	Dec 17, 2024
Turisbook Booking System<= 1.3.8 Cross Site Scripting (XSS)	4.88	6.5	Oct 25, 2024
Sprout Clients<= 3.2 Cross Site Scripting (XSS)	4.88	6.5	Oct 12, 2024
Content Manager Light<= 3.2 Cross Site Scripting (XSS)	4.88	6.5	Oct 4, 2024
PhotoShelter for Photographers Blog Feed Plugin<= 1.5.7 Cross Site Scripting (XSS)	N/A	6.5	Dec 1, 2024
Hypotext<= 1.0.1 Cross Site Scripting (XSS)	N/A	6.5	Dec 16, 2024
Boo Recipes<= 2.4.1 Cross Site Scripting (XSS)	N/A	6.5	Dec 15, 2024
WP Chrono<= 1.5.4 Cross Site Scripting (XSS)	N/A	6.5	Dec 13, 2024
Lightweight and Responsive Youtube Embed<= 1.0.0 Cross Site Scripting (XSS)	N/A	6.5	Dec 11, 2024
Easy Magazine<= 2.1.13 Cross Site Scripting (XSS)	N/A	6.5	Dec 15, 2024
Client Showcase<= 1.2.0 Cross Site Scripting (XSS)	4.88	6.5	Oct 13, 2024
Auto scroll for reading<= 1.1.4 Cross Site Scripting (XSS)	14.2	7.1	Jan 2, 2025
Infusionsoft Web Form JavaScript<= 1.1.1 Cross Site Scripting (XSS)	N/A	6.5	Dec 16, 2024
Useinfluence<= 1.0.8 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 16, 2024
Processing Projects<= 1.0.2 Cross Site Scripting (XSS)	N/A	6.5	Dec 16, 2024
Rich Text Editor<= 1.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 16, 2024
byBrick Accordion<= 1.0 Cross Site Scripting (XSS)	N/A	6.5	Dec 16, 2024
CoverManager<= 0.0.1 Cross Site Scripting (XSS)	N/A	6.5	Dec 16, 2024
PostmarkApp Email Integrator<= 2.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 17, 2024
Varnish WordPress<= 1.7 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 17, 2024
Simple Contact Forms<= 1.6.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 17, 2024
Terms Before Download<= 1.0.5 Cross Site Scripting (XSS)	N/A	6.5	Dec 17, 2024
AB Google Map Travel <= 4.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 19, 2024
CookieHint WP<= 1.0.0 Cross Site Scripting (XSS)	N/A	6.5	Dec 21, 2024
Simple-Audioplayer<= 1.1 Cross Site Scripting (XSS)	N/A	6.5	Dec 21, 2024
Ultimate Live Cricket WordPress Lite<= 1.4.2 Cross Site Scripting (XSS)	N/A	6.5	Dec 29, 2024
Custom Content Scrollbar<= 1.3 Cross Site Scripting (XSS)	N/A	6.5	Dec 29, 2024
Secret Meta<= 1.2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 22, 2024
Cazamba<= 1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 22, 2024
CM Map Locations<= 2.0.8 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM On Demand Search And Replace<= 1.4.5 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
Show notice or message on admin area<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 21, 2024
Breaking News Ticker<= 2.4.4 Cross Site Scripting (XSS)	4.88	6.5	Jan 2, 2025
WP Admin Custom Page<= 1.5.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 22, 2024
Vignette Ads<= 0.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 21, 2024
WP Social Stream<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 22, 2024
CM Ad Changer<= 1.9.8 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Answers<= 3.2.4 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Business Directory Plugin – Business Listing Directory<= 1.3.9 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Curated List Manager<= 1.1.7 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Custom WordPress Reports and Analytics<= 1.2.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Download Manager<= 2.9.2 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Email Registration Blacklist and Whitelist<= 1.5.2 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM WordPress FAQ Plugin<= 1.2.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Header and Footer<= 1.2.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Pop-Up banners<= 1.7.3 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Product Recommendation Widget<= 1.1.5 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Registration and Invitation Codes<= 2.4.6 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Table Of Contents – WordPress TOC Plugin<= 1.2.1 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
CM Tooltip Glossary<= 4.3.11 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
Video Lessons Manager<= 1.8.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 7, 2024
seekXL Snapr<= 2.0.6 Cross Site Scripting (XSS)	14.2	7.1	Oct 22, 2024
UniTimetable<= 1.1 Cross Site Scripting (XSS)	13	6.5	Oct 22, 2024
Album Reviewer<= 2.0.2 Cross Site Scripting (XSS)	14.2	7.1	Oct 22, 2024
Issuu Panel<= 2.1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 21, 2024
Post Carousel Slider<= 2.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 17, 2024
FlashCounter<= 1.1.8 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 21, 2024
Full Circle<= 0.5.7.8 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 21, 2024
Fare Calculator<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 29, 2024
Internal Link Builder<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 5, 2024
Scroll Styler<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Sep 13, 2024
Subscription DNA<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 22, 2024
Caching Compatible Cookie Opt-In and JavaScript<= 0.0.10 Cross Site Scripting (XSS)	4.88	6.5	Oct 21, 2024
KBucket<= 4.1.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 26, 2024
ReviewsTap<= 1.1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Oct 29, 2024
MachForm Shortcode<= 1.4.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Dec 7, 2024
Create with Code<= 1.4 Cross Site Scripting (XSS)	N/A	6.5	Dec 7, 2024
Show/Hide Shortcode<= 1.0.0 Cross Site Scripting (XSS)	N/A	6.5	Dec 29, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending