Dave Jong (Patchstack)

0

XP

0

Reports

0

Reports, last 90 days

-

28 Dec, 2025

Lvl 0

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
wProject< 5.8.0 Privilege Escalation	N/A	8.8	May 19, 2024
wProject< 5.8.0 Settings Change	N/A	8.2	May 19, 2024
wProject< 5.8.0 Cross Site Scripting (XSS)	N/A	7.1	May 19, 2024
Seraphinite Accelerator<= 2.22.15 Sensitive Data Exposure	8.6	4.3	Jun 29, 2024
Seraphinite Accelerator (Full, premium)<= 2.21.13 Sensitive Data Exposure	N/A	4.3	Jun 29, 2024
WP SuperBackup<= 2.3.3 Broken Access Control	7.4	7.4	May 18, 2024
WP SuperBackup<= 2.3.3 Cross Site Scripting (XSS)	14.2	7.1	May 18, 2024
WP SuperBackup<= 2.3.3 PHP Object Injection	15	7.5	May 18, 2024
WP SuperBackup<= 2.3.3 Arbitrary File Download	22.5	7.5	May 18, 2024
WP SuperBackup<= 2.3.3 Arbitrary File Upload	60	10	May 18, 2024
FAT Services Booking<= 5.6 SQL Injection	N/A	9.3	May 4, 2024
FAT Services Booking<= 5.6 Cross Site Scripting (XSS)	N/A	7.1	May 4, 2024
AIO Contact<= 2.8.1 Cross Site Scripting (XSS)	N/A	7.1	Apr 27, 2024
AIO Contact<= 2.8.1 Settings Change	N/A	6.5	Apr 27, 2024
ARForms<= 6.4.1 Settings Change	5.4	5.4	Feb 25, 2024
ARForms<= 6.4.1 Path Traversal	7.7	7.7	Feb 25, 2024
Revy<= 1.18 SQL Injection	N/A	9.3	Feb 18, 2024
Revy<= 1.18 Arbitrary File Upload	N/A	10	Feb 18, 2024
Droip< 2.5.2 Arbitrary File Deletion	N/A	10	May 19, 2024
Droip< 2.5.2 Settings Change	N/A	6.3	May 19, 2024
Brickscore<= 1.4.2.5 Cross Site Scripting (XSS)	N/A	7.1	Apr 20, 2024
WP Armour Extended<= 1.26 Cross Site Scripting (XSS)	N/A	7.1	Apr 28, 2024
WP Armour Extended<= 1.26 Cross Site Request Forgery (CSRF)	N/A	5.4	Apr 28, 2024
Greenshift Woocommerce Addon< 1.9.8 SQL Injection	N/A	8.5	Feb 8, 2024
Greenshift Query and Meta Addon< 3.9.2 SQL Injection	N/A	8.5	Feb 8, 2024
Propovoice Pro<= 1.7.0.3 SQL Injection	N/A	9.3	Mar 15, 2024
Z Y N I T H<= 7.4.9 Settings Change	26	6.5	Feb 23, 2024
Z Y N I T H<= 7.4.9 Settings Change	26	6.5	Feb 23, 2024
WBW Product Table PRO<= 1.9.4 SQL Injection	N/A	10	Feb 9, 2024
Leopard - WordPress offload media<= 2.0.36 Sensitive Data Exposure	6.5	6.5	Feb 17, 2024
Leopard - WordPress offload media<= 2.0.36 Settings Change	7.1	7.1	Feb 17, 2024
Bit Form Pro<= 2.6.4 Sensitive Data Exposure	N/A	6.5	Feb 11, 2024
Bit Form Pro<= 2.6.4 Settings Change	N/A	7.1	Feb 11, 2024
Bit Form Pro<= 2.6.4 Arbitrary File Upload	N/A	9.9	Feb 11, 2024
Bit Form Pro<= 2.6.4 Arbitrary File Deletion	N/A	8.6	Feb 11, 2024
WHMpress<= 6.2-revision-5 Settings Change	8.8	8.8	Jan 28, 2024
WHMpress<= 6.2-revision-5 Cross Site Scripting (XSS)	14.2	7.1	Jan 28, 2024
JobSearch<= 2.3.4 Privilege Escalation	N/A	9.8	Jan 14, 2024
BerqWP<= 1.7.6 Arbitrary File Upload	N/A	10	May 11, 2024
Docket (WooCommerce Collections / Wishlist / Watchlist)< 1.7.0 SQL Injection	N/A	9.3	Jul 14, 2024
Docket (WooCommerce Collections / Wishlist / Watchlist)< 1.7.0 Arbitrary Content Deletion	N/A	7.5	Jul 14, 2024
Tin Canny Reporting for LearnDash<= 4.3.0.7 Cross Site Scripting (XSS)	N/A	7.1	Dec 5, 2023
WooCommerce PDF Vouchers< 4.9.5 Cross Site Scripting (XSS)	14.2	7.1	Jul 14, 2024
WooCommerce PDF Vouchers< 4.9.5 Arbitrary File Deletion	25.8	8.6	Jul 14, 2024
WooCommerce PDF Vouchers< 4.9.5 Multiple Vulnerabilities	14.6	7.3	Jul 14, 2024
Backup and Staging by WP Time Capsule<= 1.22.20 Privilege Escalation	29.4	9.8	Jul 2, 2024
Uncanny Automator Pro<= 5.3 Cross Site Scripting (XSS)	N/A	7.1	Nov 23, 2023
BerqWP<= 1.7.5 Server Side Request Forgery (SSRF)	N/A	7.2	May 11, 2024
Seraphinite Accelerator (Full, premium)<= 2.21.13 Cross Site Request Forgery (CSRF)	N/A	7.4	Jun 29, 2024
Woocommerce OpenPos<= 7.0.1 Broken Access Control	15	7.5	Feb 4, 2024
Woocommerce OpenPos<= 6.4.4 SQL Injection	27.9	9.3	Feb 4, 2024
Woocommerce OpenPos<= 6.4.4 Arbitrary File Deletion	25.8	8.6	Feb 4, 2024
User Activity Log Pro<= 2.3.4 Broken Access Control	N/A	6.3	Jan 14, 2024
Jobmonster< 4.7.5 Arbitrary File Deletion	N/A	8.6	Jan 13, 2024
Jobmonster<= 4.7.5 Privilege Escalation	N/A	9.8	Jan 13, 2024
BuddyBoss Theme<= 2.4.61 Cross Site Request Forgery (CSRF)	N/A	5.4	Nov 22, 2023
BookYourTravel<= 8.18.17 Privilege Escalation	13.2	8.8	Mar 20, 2024
JetThemeCore< 2.2.1 Arbitrary File Deletion	N/A	7.7	Feb 21, 2024
Uncanny Toolkit Pro for LearnDash< 4.1.4.1 Other Vulnerability Type	N/A	5.4	Nov 24, 2023
Uncanny Toolkit Pro for LearnDash< 4.1.4.1 Cross Site Request Forgery (CSRF)	N/A	5.4	Nov 24, 2023
Uncanny Toolkit Pro for LearnDash< 4.1.4.1 Cross Site Scripting (XSS)	N/A	7.1	Nov 24, 2023
Uncanny Automator Pro< 5.3.0.1 Cross Site Request Forgery (CSRF)	N/A	5.4	Nov 23, 2023
Uncanny Automator Pro< 5.3.0.1 Settings Change	N/A	5.3	Nov 23, 2023
Hercules Core <= 6.5 Settings Change	N/A	8.8	Feb 18, 2024
WishList Member X< 3.26.7 Sensitive Data Exposure	N/A	9.8	Feb 10, 2024
WishList Member X< 3.26.7 SQL Injection	N/A	10	Feb 10, 2024
WishList Member X< 3.26.7 Denial of Service Attack	N/A	7.5	Feb 10, 2024
WishList Member X< 3.26.7 Sensitive Data Exposure	N/A	7.5	Feb 10, 2024
WishList Member X< 3.26.7 Arbitrary Code Execution	N/A	9.9	Feb 10, 2024
WishList Member X< 3.26.7 Arbitrary File Deletion	N/A	7.7	Feb 10, 2024
WishList Member X< 3.26.7 Privilege Escalation	N/A	8.8	Feb 10, 2024
WishList Member X< 3.26.7 Settings Change	N/A	8.2	Feb 10, 2024
WooCommerce Dropshipping<= 5.1.2 Content Spoofing	10.6	5.3	Jan 19, 2024
WP Visitors Tracker<= 2.3 Cross Site Scripting (XSS)	N/A	7.1	May 19, 2024
Widget Options - Extended<= 5.1.0 Sensitive Data Exposure	N/A	6.5	Feb 28, 2024
Widget Options - Extended<= 5.1.0 Sensitive Data Exposure	N/A	4.3	Feb 28, 2024
Widget Options<= 4.0.1 Sensitive Data Exposure	17.2	4.3	Feb 28, 2024
Widget Options<= 4.0.1 Sensitive Data Exposure	26	6.5	Feb 28, 2024
Otter Blocks PRO<= 2.6.11 Sensitive Data Exposure	N/A	4.3	Apr 28, 2024
Checkout Field Editor for WooCommerce (Pro)<= 3.6.2 Arbitrary File Deletion	N/A	8.6	May 2, 2024
WooCommerce AWeber Newsletter Subscription<= 4.0.2 Settings Change	N/A	6.5	Dec 1, 2023
Piotnet Addons For Elementor Pro<= 7.1.17 Arbitrary Content Deletion	N/A	7.5	Nov 22, 2023
Piotnet Addons For Elementor Pro<= 7.1.17 Server Side Request Forgery (SSRF)	N/A	5.4	Nov 22, 2023
Piotnet Addons For Elementor Pro<= 7.1.17 Cross Site Scripting (XSS)	N/A	7.1	Nov 22, 2023
Piotnet Addons For Elementor Pro<= 7.1.17 Cross Site Request Forgery (CSRF)	N/A	5.4	Nov 22, 2023
Piotnet Addons For Elementor Pro<= 7.1.17 Cross Site Scripting (XSS)	N/A	6.5	Nov 22, 2023
XforWooCommerce<= 2.0.2 Local File Inclusion	N/A	8.8	Dec 23, 2023
Max Addons Pro for Bricks<= 1.6.1 Cross Site Scripting (XSS)	N/A	7.1	Mar 5, 2024
Max Addons Pro for Bricks<= 1.6.1 Settings Change	N/A	6.5	Mar 5, 2024
ARForms<= 6.4 SQL Injection	12.75	8.5	Feb 25, 2024
ARForms<= 6.4 Settings Change	7.1	7.1	Feb 25, 2024
ARForms<= 6.4 Settings Change	7.1	7.1	Feb 25, 2024
ARForms<= 6.4 Arbitrary File Deletion	11.55	7.7	Feb 25, 2024
ARForms<= 6.4 Cross Site Scripting (XSS)	14.2	7.1	Feb 25, 2024
LoginPress Pro< 3.0.0 Settings Change	N/A	6.5	Nov 25, 2023
LoginPress Pro< 3.0.0 Bypass Vulnerability	N/A	5.3	Nov 25, 2023
Z Y N I T H<= 7.4.9 Cross Site Scripting (XSS)	34.4	8.6	Feb 23, 2024
Superfly Menu<= 5.0.25 Cross Site Scripting (XSS)	N/A	7.1	Jan 14, 2024
User Activity Log Pro<= 2.3.4 SQL Injection	N/A	8.5	Jan 14, 2024
Citadela Listing<= 5.18.1 Sensitive Data Exposure	N/A	7.5	Dec 27, 2023

Report vulnerabilities to earn bounties and rewards!

Include pending