Pricing
Solutions
WordPress security
Instantly fix and mitigate vulnerabilities
Plugin auditing
Paid auditing for WordPress vendors
Managed VDP
Start a security program for your plugins
Bug Bounty
Join the community and earn bounties
Enterprise API
At scale monitoring and vPatching for hosts
Vulnerability database
The latest WordPress security intelligence
Login
Start trial
CatFather
338.45
XP
42
Reports
0
Reports, last 90 days
#13
18 Nov, 2025
Lvl 2
0
0
0
0
Website
X
GitHub
Sort by
Priority
Severity
Exploited
Search
Affected software | Vulnerability
CVE
AXP
Severity
Reported
Crew HRM
<= 1.1.1
PHP Object Injection
N/A
9
Feb 15, 2024
Contest Gallery
<= 23.1.2
Cross Site Scripting (XSS)
28.57
7.1
Feb 9, 2024
Print My Blog
<= 3.27.0
Cross Site Scripting (XSS)
3.39
5.9
Feb 11, 2024
SP Project & Document Manager
<= 4.71
Directory Traversal
7.5
7.5
Feb 8, 2024
PropertyHive
<= 2.0.9
Broken Access Control
5.3
4.3
Feb 3, 2024
Dashboard To-Do List
<= 1.2.0
Broken Access Control
4.3
4.3
Jan 30, 2024
PropertyHive
<= 2.0.13
Cross Site Scripting (XSS)
4.88
6.5
Apr 30, 2024
WPMobile.App
<= 11.41
Cross Site Scripting (XSS)
14.2
7.1
Apr 29, 2024
Praison SEO WordPress
<= 4.0.15
Cross Site Scripting (XSS)
3.25
6.5
Jan 28, 2024
Table Maker
<= 1.9.1
Cross Site Scripting (XSS)
2.95
5.9
Feb 19, 2024
GDPR Compliance
<= 1.2.5
Sensitive Data Exposure
7.5
7.5
Jan 25, 2024
Custom field finder
<= 0.3
PHP Object Injection
5.4
5.4
Feb 7, 2024
Simply Static
<= 3.1.3
Sensitive Data Exposure
34.5
7.5
Jan 5, 2024
Evergreen Content Poster
<= 1.4.2
Broken Access Control
N/A
5.4
Jan 10, 2024
Contest Gallery
<= 21.3.4
Arbitrary File Deletion
7.42
8.5
Feb 9, 2024
Kattene
<= 1.7
Cross Site Scripting (XSS)
4.88
6.5
Jan 26, 2024
WP Simple HTML Sitemap
<= 2.8
Cross Site Scripting (XSS)
14.2
7.1
Mar 13, 2024
Ditty
<= 3.1.31
Cross Site Scripting (XSS)
6.5
6.5
Mar 15, 2024
WP Club Manager
<= 2.2.11
Cross Site Scripting (XSS)
8.13
6.5
Feb 15, 2024
PostX
<= 4.0.1
Cross Site Scripting (XSS)
9.75
6.5
Mar 15, 2024
SP Project & Document Manager
<= 4.71
SQL Injection
5.7
7.6
Feb 16, 2024
What's New Generator
<= 2.0.2
Cross Site Scripting (XSS)
N/A
5.9
Jan 5, 2024
Libsyn Publisher Hub
<= 1.4.4
Cross Site Scripting (XSS)
5.61
6.5
Feb 29, 2024
WP Sort Order
<= 1.3.1
Broken Access Control
4.3
4.3
Jan 10, 2024
HeartThis
<= 0.1.0
Cross Site Scripting (XSS)
4.88
6.5
Jan 25, 2024
SP Project & Document Manager
<= 4.70
Broken Access Control
6.5
6.5
Jan 25, 2024
Molongui
<= 4.7.7
Insecure Direct Object References (IDOR)
1.35
2.7
Jan 30, 2024
Church Admin
<= 4.1.18
Broken Access Control
7.48
5.4
Feb 29, 2024
Print Page block
<= 1.0.8
Cross Site Scripting (XSS)
4.88
6.5
Feb 14, 2024
Sunshine Photo Cart
<= 3.1.1
PHP Object Injection
24.84
5.4
Feb 28, 2024
Church Admin
<= 4.1.17
Cross Site Scripting (XSS)
5.61
6.5
Feb 29, 2024
Simply Static
<= 3.1.3
Cross Site Scripting (XSS)
N/A
5.9
Jan 5, 2024
Frontend Dashboard
<= 2.2.1
Cross Site Scripting (XSS)
6.5
6.5
Jan 24, 2024
MyBookTable Bookstore
<= 3.3.7
Cross Site Scripting (XSS)
3.25
6.5
Jan 26, 2024
Molongui
<= 4.7.7
Cross Site Scripting (XSS)
3.25
6.5
Jan 30, 2024
Sitekit
<= 1.6
Cross Site Scripting (XSS)
4.88
6.5
Jan 31, 2024
PropertyHive
<= 2.0.9
PHP Object Injection
10.6
5.4
Feb 3, 2024
Cryptocurrency Widgets – Price Ticker & Coins List
<= 2.6.8
Broken Access Control
2.35
4.7
Feb 24, 2024
Sirv
<= 7.2.0
Broken Access Control
6.21
5.4
Jan 28, 2024
Sirv
<= 7.2.0
Server Side Request Forgery (SSRF)
6.21
5.4
Jan 28, 2024
Report vulnerabilities to earn bounties and rewards!
Read more
Include pending
Back to top