João Pedro S Alcântara (Kinorth)

Say thanks

16633.78

XP

1004

Reports

117

Reports, last 90 days

#1

18 Jan, 2026

Lvl 10

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
North<= 5.7.5 Local File Inclusion	32.4	8.1	Oct 3, 2025
North<= 5.7.5 PHP Object Injection	13.2	8.8	Oct 3, 2025
Hide My WP<= 6.2.12 Cross Site Scripting (XSS)	28.4	7.1	Sep 27, 2025
WPLMS<= 1.9.9.5.4 Arbitrary File Deletion	103.2	8.6	Sep 22, 2025
JupiterX Core<= 4.10.1 PHP Object Injection	39.6	8.8	Sep 8, 2025
WP Lead Capturing Pages<= 2.5 SQL Injection	8.5	8.5	Aug 31, 2025
Accordion Slider PRO<= 1.2 Cross Site Scripting (XSS)	7.1	7.1	Aug 31, 2025
xPromoter<= 1.3.4 Cross Site Scripting (XSS)	7.1	7.1	Aug 30, 2025
DZS Video Gallery<= 12.37 SQL Injection	17	8.5	Aug 30, 2025
TheGem Theme Elements (for WPBakery)<= 5.11.0 Cross Site Scripting (XSS)	14.63	6.5	Dec 11, 2025
TheGem Theme Elements (for Elementor)<= 5.11.0 Cross Site Scripting (XSS)	14.63	6.5	Dec 11, 2025
TheGem Theme Elements (for Elementor)<= 5.11.0 Local File Inclusion	33.75	7.5	Dec 11, 2025
Zorka<= 1.5.7 Broken Access Control	10.6	5.3	Dec 9, 2025
WP Lead Capturing Pages<= 2.5 SQL Injection	18.6	9.3	Aug 31, 2025
Super Interactive Maps<= 2.3 Cross Site Scripting (XSS)	10.65	7.1	Aug 30, 2025
Magic Responsive Slider and Carousel WordPress<= 1.6 Cross Site Scripting (XSS)	7.1	7.1	Aug 29, 2025
Magic Slider<= 2.2 Cross Site Scripting (XSS)	7.1	7.1	Aug 29, 2025
Image&Video FullScreen Background<= 1.6.7 Cross Site Scripting (XSS)	10.65	7.1	Aug 29, 2025
HTML5 Video Player with Playlist & Multiple Skins<= 5.3.5 Cross Site Scripting (XSS)	14.2	7.1	Aug 28, 2025
HTML5 Video Player<= 5.3.5 Cross Site Scripting (XSS)	14.2	7.1	Aug 28, 2025
Famous - Responsive Image And Video Grid Gallery WordPress Plugin<= 1.4 Cross Site Scripting (XSS)	7.1	7.1	Aug 27, 2025
CountDown With Image or Video Background<= 1.5 Cross Site Scripting (XSS)	7.1	7.1	Aug 27, 2025
WP Virtual Assistant<= 3.0 Cross Site Scripting (XSS)	10.65	7.1	Aug 22, 2025
WP Attractive Donations System - Easy Stripe & Paypal donations<= 1.25 Arbitrary Content Deletion	7.5	7.5	Aug 21, 2025
WooCommerce Orders & Customers Exporter<= 5.4 SQL Injection	8.5	8.5	Aug 20, 2025
Handmade Framework<= 3.9 Local File Inclusion	11.25	7.5	Dec 8, 2025
Real Estate Pro<= 2.1.4 Cross Site Scripting (XSS)	14.2	7.1	Aug 11, 2025
ListingHub1.2.6 Cross Site Scripting (XSS)	7.1	7.1	Aug 11, 2025
Listeo Core< 2.0.19 Cross Site Scripting (XSS)	16.33	7.1	Oct 22, 2025
Automotive Listings<= 18.6 SQL Injection	37.2	9.3	Oct 20, 2025
Grand Restaurant< 7.0.9 Cross Site Scripting (XSS)	32.66	7.1	Oct 18, 2025
Jobify<= 4.3.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 14, 2025
DeepDigital<= 1.0.2 Content Injection	10.6	5.3	Dec 6, 2025
Bookory<= 2.2.7 Local File Inclusion	11.25	7.5	Dec 2, 2025
Triply<= 2.4.7 Local File Inclusion	11.25	7.5	Dec 2, 2025
Freshio<= 2.4.2 Local File Inclusion	11.25	7.5	Dec 2, 2025
Calafate<= 1.7.7 Local File Inclusion	11.25	7.5	Dec 2, 2025
Valenti Engine<= 1.0.3 Cross Site Scripting (XSS)	4.88	6.5	Oct 21, 2025
JobBank<= 1.2.2 Cross Site Scripting (XSS)	7.1	7.1	Aug 9, 2025
Hotel Listing<= 1.4.0 Cross Site Scripting (XSS)	7.1	7.1	Jul 31, 2025
Universal Video Player<= 3.8.4 Cross Site Scripting (XSS)	7.1	7.1	Jun 13, 2025
WBC907 Core<= 3.4.1 Cross Site Scripting (XSS)	4.88	6.5	Oct 15, 2025
XStore Core< 5.6 Cross Site Scripting (XSS)	33.64	6.5	Sep 17, 2025
Fana<= 1.1.35 Local File Inclusion	8.44	7.5	Nov 28, 2025
Zota<= 1.3.14 Local File Inclusion	8.44	7.5	Nov 27, 2025
Nika<= 1.2.14 Local File Inclusion	8.44	7.5	Nov 29, 2025
Diza<= 1.3.15 Local File Inclusion	8.44	7.5	Nov 28, 2025
Cinerama - A WordPress Theme for Movie Studios and Filmmakers<= 2.4 Local File Inclusion	11.25	7.5	Nov 20, 2025
Aora<= 1.3.15 Local File Inclusion	11.25	7.5	Nov 20, 2025
Puca<= 2.6.39 Local File Inclusion	11.25	7.5	Nov 20, 2025
Greenmart<= 4.2.11 Local File Inclusion	11.25	7.5	Nov 20, 2025
Wilmër< 3.5 Local File Inclusion	13.2	8.8	Nov 17, 2025
ekommart< 4.3.1 Local File Inclusion	11.25	7.5	Nov 17, 2025
Sailing< 4.4.6 Local File Inclusion	11.25	7.5	Nov 18, 2025
Urna<= 2.5.12 Local File Inclusion	11.25	7.5	Nov 20, 2025
Fashion< 5.3.0 Local File Inclusion	11.25	7.5	Nov 17, 2025
Besa<= 2.3.15 Local File Inclusion	11.25	7.5	Nov 20, 2025
Hara<= 1.2.17 Local File Inclusion	11.25	7.5	Nov 20, 2025
Sailing< 4.4.6 Broken Access Control	10.6	5.3	Nov 18, 2025
Kerge<= 4.1.3 Server Side Request Forgery (SSRF)	10.8	5.4	Nov 22, 2025
PenNews< 6.7.4 Broken Access Control	10.6	5.3	Nov 14, 2025
EduMall<= 4.4.7 Local File Inclusion	11.25	7.5	Nov 14, 2025
MinimogWP<= 3.9.6 Local File Inclusion	11.25	7.5	Nov 13, 2025
Turitor< 1.5.3 Local File Inclusion	11.25	7.5	Nov 13, 2025
Digiqole< 2.2.7 Local File Inclusion	11.25	7.5	Nov 13, 2025
Exhibz<= 3.0.9 Local File Inclusion	11.25	7.5	Nov 13, 2025
Jobmonster Elementor Addon<= 1.1.4 Local File Inclusion	11.25	7.5	Nov 12, 2025
Jobmonster<= 4.8.2 Local File Inclusion	12.94	7.5	Nov 12, 2025
Homey Core<= 2.4.3 Broken Access Control	10.6	5.3	Nov 10, 2025
AdForest<= 6.0.11 Broken Access Control	10.6	5.3	Nov 4, 2025
WerkStatt Plugin<= 1.6.6 Local File Inclusion	11.25	7.5	Oct 31, 2025
Basel<= 5.9.1 Broken Access Control	10.6	5.3	Oct 20, 2025
Grand Restaurant Theme Elements for Elementor<= 2.1.1 Cross Site Scripting (XSS)	4.88	6.5	Oct 19, 2025
Select Core< 2.6 Cross Site Scripting (XSS)	4.88	6.5	Oct 15, 2025
Select Core< 2.6 Local File Inclusion	11.25	7.5	Oct 15, 2025
Photography<= 7.7.2 Cross Site Scripting (XSS)	32.66	7.1	Oct 12, 2025
Hub Core<= 5.0.8 Local File Inclusion	11.25	7.5	Oct 10, 2025
Traveler< 3.2.6 SQL Injection	19.55	8.5	Oct 8, 2025
Traveler<= 3.2.6 Broken Access Control	12.19	5.3	Oct 8, 2025
Traveler< 3.2.6 Cross Site Scripting (XSS)	16.33	7.1	Oct 8, 2025
Traveler< 3.2.6 Local File Inclusion	37.26	8.1	Oct 7, 2025
Rey Core<= 3.1.8 Cross Site Scripting (XSS)	4.88	6.5	Oct 6, 2025
Ohio Extra<= 3.6.0 Cross Site Scripting (XSS)	8.41	6.5	Oct 5, 2025
North - Required Plugin<= 1.4.2 Local File Inclusion	11.25	7.5	Oct 4, 2025
SmartMag<= 10.3.0 Local File Inclusion	11.25	7.5	Oct 2, 2025
SmartMag<= 10.3.1 Cross Site Scripting (XSS)	9.75	6.5	Sep 30, 2025
Masterstudy< 4.8.126 Local File Inclusion	11.25	7.5	Sep 30, 2025
K Elements< 5.5.0 Cross Site Scripting (XSS)	8.41	6.5	Sep 30, 2025
Kleo< 5.5.0 Local File Inclusion	19.41	7.5	Sep 30, 2025
Jannah - Extensions<= 1.1.4 Cross Site Scripting (XSS)	4.88	6.5	Sep 30, 2025
Jannah<= 7.6.0 Cross Site Scripting (XSS)	14.2	7.1	Sep 29, 2025
Jannah<= 7.6.0 PHP Object Injection	39.2	9.8	Sep 29, 2025
Ninja Popups<= 4.7.8 Cross Site Scripting (XSS)	9.75	6.5	Sep 29, 2025
EventON<= 4.9.12 Cross Site Scripting (XSS)	16.82	6.5	Sep 29, 2025
Jannah<= 7.6.0 Local File Inclusion	32.4	8.1	Sep 29, 2025
Soledad<= 8.7.0 Local File Inclusion	33.75	7.5	Sep 28, 2025
Mailster< 4.1.14 Cross Site Scripting (XSS)	48.99	7.1	Sep 27, 2025
Master Slider Pro<= 3.7.12 Cross Site Scripting (XSS)	9.75	6.5	Sep 27, 2025
Ronneby Theme Core<= 1.5.68 Cross Site Scripting (XSS)	9.75	6.5	Sep 27, 2025
Ronneby Theme Core<= 1.5.68 Local File Inclusion	22.5	7.5	Sep 27, 2025

Report vulnerabilities to earn bounties and rewards!

Include pending