Aiden

2196.9

XP

84

Reports

0

Reports, last 90 days

#21

18 Nov, 2025

Lvl 5

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Case Addons< 1.3.0 Arbitrary File Upload	29.7	9.9	Sep 14, 2025
JobSearch< 3.0.8 PHP Object Injection	45.08	9.8	Sep 3, 2025
WooCommerce Vehicle Parts Finder<= 3.7 PHP Object Injection	117.6	9.8	Aug 26, 2025
Scape<= 1.5.13 PHP Object Injection	39.2	9.8	Aug 8, 2025
FAT Event - WordPress Event and Calendar Booking<= 5.15 Local File Inclusion	48.6	8.1	Dec 24, 2024
Exertio Framework<= 1.3.3 SQL Injection	17	8.5	Jun 28, 2025
Golo<= 1.7.0 Broken Authentication	58.8	9.8	May 7, 2025
School Management<= 93.2.0 SQL Injection	17.48	7.6	May 18, 2025
Exertio<= 1.3.2 PHP Object Injection	39.2	9.8	Jun 28, 2025
MediCenter - Health Medical Clinic<= 15.1 PHP Object Injection	45.08	9.8	Jun 28, 2025
Traveler< 3.2.2 SQL Injection	37.2	9.3	May 16, 2025
WPGYM<= 65.0 SQL Injection	17	8.5	Dec 22, 2024
Nuss<= 1.3.7.1 Broken Access Control	15	7.5	May 8, 2025
Sala<= 1.1.3 Broken Access Control	11.25	7.5	May 8, 2025
RealHomes<= 4.4.0 Privilege Escalation	117.6	9.8	May 10, 2025
LMS<= 9.2 SQL Injection	37.2	9.3	May 13, 2025
LogisticsHub<= 1.1.6 Arbitrary File Upload	60	10	Apr 25, 2025
Red Art<= 3.8 PHP Object Injection	17.6	8.8	May 12, 2025
Homey<= 2.4.5 SQL Injection	37.2	9.3	May 13, 2025
LMS<= 9.2 Cross Site Scripting (XSS)	14.2	7.1	May 13, 2025
WPCRM - CRM for Contact form CF7 & WooCommerce<= 3.2.0 Cross Site Scripting (XSS)	14.2	7.1	Apr 22, 2025
Nuss<= 1.3.3 PHP Object Injection	17.6	8.8	May 8, 2025
Sala<= 1.1.3 PHP Object Injection	13.2	8.8	May 8, 2025
School Management<= 93.2.0 Privilege Escalation	30.36	8.8	May 18, 2025
School Management<= 93.0.0 Local File Inclusion	45	7.5	Mar 10, 2025
WPGYM<= 65.0 Local File Inclusion	22.5	7.5	Mar 10, 2025
WPCRM - CRM for Contact form CF7 & WooCommerce<= 3.2.0 SQL Injection	37.2	9.3	Apr 22, 2025
Slack Notifications by dorzki<= 2.0.7 Broken Access Control	4.3	4.3	Apr 27, 2025
oik<= 4.15.1 Broken Access Control	5.3	5.3	Apr 27, 2025
WPCHURCH<= 2.7.0 SQL Injection	37.2	9.3	Apr 16, 2025
MaxiBlocks<= 2.1.0 Privilege Escalation	19.8	8.8	Apr 7, 2025
WPCHURCH<= 2.7.0 Privilege Escalation	26.4	8.8	Apr 16, 2025
Course Builder< 3.6.6 PHP Object Injection	39.2	9.8	May 10, 2025
Bus Ticket Booking with Seat Reservation for WooCommerce<= 1.7 SQL Injection	37.2	9.3	Dec 19, 2024
Hospital Management System<= 47.0(20-11-2023) Privilege Escalation	30.36	8.8	Dec 27, 2024
JP Students Result Management System Premium1.1.7 Arbitrary File Upload	54	9	Dec 24, 2024
School Management<= 92.0.0 SQL Injection	21.25	8.5	Dec 22, 2024
WPCHURCH<= 2.7.0 Cross Site Scripting (XSS)	14.2	7.1	Apr 16, 2025
Hospital Management System<= 47.0(20-11-2023) Arbitrary File Upload	34.16	9.9	Dec 27, 2024
GDPR CCPA Compliance Support<= 2.7.3 Broken Access Control	4.3	4.3	Apr 30, 2025
WPCHURCH<= 2.7.0 Local File Inclusion	48.6	8.1	Apr 17, 2025
StoreKeeper for WooCommerce<= 14.4.4 Arbitrary File Upload	60	10	Mar 19, 2025
Productive Commerce<= 1.1.33 SQL Injection	37.2	9.3	Mar 27, 2025
Ultimate WP Mail<= 1.3.4 SQL Injection	12.75	8.5	Apr 7, 2025
SEUR Oficial<= 2.2.23 Local File Inclusion	48.6	8.1	Apr 13, 2025
Hospital Management System<= 47.0(20-11-2023) Arbitrary File Upload	60	10	Dec 14, 2024
Hospital Management System<= 47.0(20-11-2023) Cross Site Scripting (XSS)	14.2	7.1	Dec 13, 2024
Control Listings<= 1.0.4.1 Cross Site Scripting (XSS)	14.2	7.1	Apr 4, 2025
Revy<= 2.1 SQL Injection	19.55	8.5	Dec 18, 2024
FAT Services Booking<= 5.6 SQL Injection	19.55	8.5	Dec 18, 2024
Hospital Management System<= 47.0(20-11-2023) SQL Injection	21.25	8.5	Dec 17, 2024
WPAMS<= 44.0 (17-08-2023) Privilege Escalation	30.36	8.8	Dec 27, 2024
WPAMS<= 44.0 Local File Inclusion	117.6	9.8	Mar 10, 2025
WPAMS<= 44.0 (17-08-2023) SQL Injection	37.2	9.3	Dec 13, 2024
WPAMS<= 44.0 (17-08-2023) Cross Site Scripting (XSS)	14.2	7.1	Dec 13, 2024
WPAMS<= 44.0 (17-08-2023) SQL Injection	21.25	8.5	Dec 18, 2024
Eazy Plugin Manager<= 4.3.0 Broken Access Control	8.8	8.8	Dec 1, 2024
Accessibility Suite<= 4.18 SQL Injection	17	8.5	Feb 16, 2025
Error Log Viewer<= 1.0.5 SQL Injection	17	8.5	Mar 6, 2025
Review Stars Count For WooCommerce<= 2.0 SQL Injection	17	8.5	Mar 8, 2025
Specia Companion<= 5.8 Broken Access Control	6.5	6.5	Nov 23, 2024
TextMe SMS<= 1.9.1 Broken Access Control	6.5	6.5	Nov 30, 2024
Piotnet Forms<= 1.0.30 Cross Site Scripting (XSS)	2.95	5.9	Nov 19, 2024
Cue<= 2.4.4 Broken Access Control	4.3	4.3	Nov 22, 2024
Advanced WooCommerce Product Sales Reporting<= 4.1.0 SQL Injection	37.2	9.3	Feb 11, 2025
RSVPMarker <= 11.6.6 SQL Injection	37.2	9.3	Feb 11, 2025
XV Random Quotes<= 1.40 SQL Injection	37.2	9.3	Feb 12, 2025
Trust Payments Gateway for WooCommerce<= 1.1.4 SQL Injection	37.2	9.3	Feb 18, 2025
Distance Rate Shipping for WooCommerce<= 1.3.4 SQL Injection	17	8.5	Dec 20, 2024
CWD – Stealth Links<= 1.3 SQL Injection	37.2	9.3	Dec 22, 2024
JSM Show Post Metadata<= 4.6.0 Broken Access Control	4.3	4.3	Nov 23, 2024
GDPR CCPA Compliance Support<= 2.7.1 Broken Access Control	3.23	4.3	Nov 23, 2024
WordPress Local SEO<= 2.3 SQL Injection	37.2	9.3	Dec 29, 2024
Data Tables Generator by Supsystic<= 1.10.36 Broken Access Control	5.4	5.4	Nov 18, 2024
WPSSO Core<= 18.18.1 Broken Access Control	4.3	4.3	Nov 22, 2024
Mark New Posts<= 7.5.1 Broken Access Control	5.4	5.4	Nov 28, 2024
Cryptocurrency Price Widget<= 1.2.3 Cross Site Scripting (XSS)	2.95	5.9	Nov 29, 2024
Car Dealer<= 4.46 Broken Access Control	4.3	4.3	Dec 5, 2024
SeedProd Pro< 6.18.13 SQL Injection	N/A	7.6	Nov 7, 2024
WPBookit<= 1.6.0 SQL Injection	N/A	9.3	Nov 9, 2024
Notibar<= 2.1.4 Broken Access Control	3.23	4.3	Nov 23, 2024
Barcode Scanner with Inventory & Order Manager<= 1.6.6 Cross Site Scripting (XSS)	16.33	7.1	Nov 26, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending