Steven Julian

Say thanks

591.08

XP

66

Reports

0

Reports, last 90 days

#12

17 Nov, 2025

Lvl 2

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
MailChimp Subscribe Forms <= 4.0.9.7 Cross Site Scripting (XSS)	2.95	5.9	Feb 29, 2024
StreamCast<= 2.2.3 Cross Site Scripting (XSS)	2.95	5.9	Feb 23, 2024
Slider by Soliloquy<= 2.7.6 Cross Site Scripting (XSS)	8.85	5.9	Jan 26, 2024
iPanorama 360 WordPress Virtual Tour Builder<= 1.8.3 Broken Access Control	10.6	5.3	Jan 24, 2024
e2pdf<= 1.20.27 Broken Access Control	5.4	5.4	Feb 13, 2024
Depicter Slider<= 3.0.2 Cross Site Scripting (XSS)	8.85	5.9	Jan 25, 2024
Transition Slider – Responsive Image Slider and Gallery<= 2.20.3 Cross Site Scripting (XSS)	3.25	5.9	Feb 1, 2024
Slideshow SE<= 2.5.20 Cross Site Scripting (XSS)	2.95	5.9	Jan 26, 2024
Serious Slider<= 1.2.4 Cross Site Scripting (XSS)	6.5	6.5	Mar 21, 2024
Awesome Support<= 6.1.7 Broken Access Control	4.3	4.3	Jan 30, 2024
Slider Responsive Slideshow – Image slider, Gallery slideshow<= 1.4.0 Broken Access Control	4.3	4.3	Feb 7, 2024
Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery<= 1.4.5 Broken Access Control	4.3	4.3	Feb 7, 2024
Album Gallery – WordPress Gallery<= 1.5.7 Broken Access Control	4.3	4.3	Feb 7, 2024
Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow<= 1.3.9 Broken Access Control	4.3	4.3	Feb 7, 2024
Integrate Google Drive<= 1.3.93 Broken Authentication	10.6	5.3	Jan 14, 2024
WP-Recall<= 16.26.6 Cross Site Request Forgery (CSRF)	2.7	5.4	Jan 17, 2024
Radio Player<= 2.0.73 Broken Access Control	10.6	5.3	Jan 29, 2024
Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery<= 1.5.3 Broken Access Control	4.3	4.3	Feb 6, 2024
Mooberry Book Manager<= 4.15.12 Sensitive Data Exposure	10.6	5.3	Jan 25, 2024
Popup box<= 4.1.2 Cross Site Request Forgery (CSRF)	7.1	7.1	Jan 25, 2024
Masteriyo - LMS<= 1.7.3 Broken Authentication	10.6	5.3	Jan 17, 2024
Academy LMS<= 1.9.16 Broken Access Control	7.1	7.1	Jan 12, 2024
Digital Publications by Supsystic<= 1.7.7 Broken Access Control	10.6	5.3	Jan 8, 2024
iPages Flipbook<= 1.5.1 Broken Access Control	10.6	5.3	Jan 22, 2024
Print My Blog<= 3.26.2 Broken Access Control	10.6	5.3	Jan 23, 2024
Filterable Portfolio<= 1.6.5 Cross Site Scripting (XSS)	N/A	5.9	Mar 6, 2024
Serious Slider<= 1.2.4 Cross Site Request Forgery (CSRF)	4.3	4.3	Mar 21, 2024
Five Star Restaurant Reservations<= 2.6.16 Broken Access Control	10.6	5.3	Jan 18, 2024
Radio Player<= 2.0.73 Server Side Request Forgery (SSRF)	10.8	5.4	Jan 29, 2024
Photo Gallery by 10Web<= 1.8.20 Broken Access Control	53	5.3	Jan 23, 2024
Crelly Slider<= 1.4.5 Insecure Direct Object References (IDOR)	4.3	4.3	Mar 21, 2024
FV Flowplayer Video Player<= 7.5.43.7212 Server Side Request Forgery (SSRF)	9.8	4.9	Feb 29, 2024
Integrate Google Drive<= 1.3.8 Broken Access Control	16.6	8.3	Mar 5, 2024
Data Tables Generator by Supsystic<= 1.10.31 Broken Access Control	4.3	4.3	Jan 9, 2024
Integrate Google Drive<= 1.3.9 Broken Access Control	10.6	5.3	Jan 14, 2024
Pricing Table by Supsystic<= 1.9.12 Content Injection	4.3	4.3	Jan 5, 2024
VikRentCar<= 1.3.2 Sensitive Data Exposure	11.8	5.9	Jan 20, 2024
Vision Interactive<= 1.7.1 Broken Access Control	10.6	5.3	Jan 29, 2024
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin<= 3.62 Cross Site Scripting (XSS)	14.2	7.1	Jan 25, 2024
Popup Anything<= 2.8 Broken Access Control	31.8	5.3	Jan 30, 2024
Gutenberg Block Editor Toolkit<= 1.40.4 Cross Site Scripting (XSS)	9.75	6.5	Jan 18, 2024
Photo Gallery by 10Web<= 1.8.21 Cross Site Scripting (XSS)	71	7.1	Jan 23, 2024
Radio Player<= 2.0.73 Sensitive Data Exposure	5.4	5.4	Mar 4, 2024
RestroPress<= 3.1.2 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 8, 2024
CP Media Player<= 1.1.3 Cross Site Request Forgery (CSRF)	2.7	5.4	Jan 26, 2024
Feather Login Page<= 1.1.5 Cross Site Request Forgery (CSRF)	2.15	4.3	Feb 29, 2024
Popup by Supsystic<= 1.10.27 Broken Access Control	4.3	4.3	Jan 8, 2024
e2pdf<= 1.20.27 Cross Site Request Forgery (CSRF)	2.7	5.4	Feb 13, 2024
BookingPress<= 1.0.81 Insecure Direct Object References (IDOR)	4.3	4.3	Jan 2, 2024
Masteriyo - LMS<= 1.7.2 Privilege Escalation	29.4	9.8	Jan 15, 2024
Ultimate Maps by Supsystic<= 1.2.16 Cross Site Request Forgery (CSRF)	0.54	4.3	Jan 9, 2024
Easy Google Maps<= 1.11.11 Cross Site Request Forgery (CSRF)	1.08	4.3	Jan 9, 2024
Whizzy<= 1.1.18 Broken Access Control	10.6	5.3	Jan 29, 2024
Whizzy<= 1.1.18 Insecure Direct Object References (IDOR)	6.5	6.5	Jan 29, 2024
MP3 Audio Player for Music, Radio & Podcast by Sonaar<= 5.1 Cross Site Scripting (XSS)	4.88	6.5	Mar 4, 2024
Spiffy Calendar<= 4.9.10 Broken Access Control	4.05	5.4	Mar 11, 2024
MP3 Audio Player for Music, Radio & Podcast by Sonaar<= 5.1 Broken Access Control	7.6	7.6	Mar 4, 2024
Landing Page Builder<= 1.5.1.7 Cross Site Scripting (XSS)	2.95	5.9	Feb 5, 2024
Web Icons<= 1.0.0.10 Cross Site Scripting (XSS)	4.88	6.5	Jan 18, 2024
WCFM – Frontend Manager for WooCommerce<= 6.7.8 Cross Site Scripting (XSS)	2.95	5.9	Jan 12, 2024
Aparat for WordPress<= 2.2.0 Cross Site Scripting (XSS)	4.88	6.5	Jan 30, 2024
PDF Embedder<= 4.6.4 Cross Site Scripting (XSS)	20.63	5.5	Jan 24, 2024
Five Star Restaurant Menu<= 2.4.14 Cross Site Scripting (XSS)	4.88	6.5	Jan 24, 2024
Download Media<= 1.4.2 Broken Access Control	4.3	4.3	Feb 10, 2024
My Calendar<= 3.4.23 Cross Site Scripting (XSS)	4.88	6.5	Jan 18, 2024
Five Star Restaurant Reviews<= 2.3.5 Cross Site Scripting (XSS)	4.88	6.5	Jan 24, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending