johska

782.56

XP

145

Reports

0

Reports, last 90 days

#33

18 Nov, 2025

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
RIS Version Switcher – Downgrade or Upgrade WP Versions Easily<= 1.0 Cross Site Request Forgery (CSRF)	1.63	6.5	Jul 8, 2025
Yahoo! WebPlayer<= 2.0.6 Cross Site Scripting (XSS)	7.1	7.1	May 22, 2025
re.place<= 0.2.1 Cross Site Request Forgery (CSRF)	1.78	7.1	May 22, 2025
Track Everything<= 2.0.1 Cross Site Request Forgery (CSRF)	1.78	7.1	May 27, 2025
RSS Digest<= 1.5 Cross Site Request Forgery (CSRF)	1.78	7.1	May 22, 2025
Społecznościowa 6 PL 2013<= 2.0.6 Cross Site Request Forgery (CSRF)	1.78	7.1	May 22, 2025
WP2LEADS<= 3.5.0 Cross Site Scripting (XSS)	16.33	7.1	May 16, 2025
BP Profile as Homepage<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 23, 2025
Affiliates Manager Google reCAPTCHA Integration<= 1.0.6 Cross Site Request Forgery (CSRF)	2.66	7.1	May 9, 2025
Aptivada for WP<= 2.0.0 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
ShayanWeb Admin FontChanger<= 1.9.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 11, 2025
WP2LEADS<= 3.5.0 Cross Site Request Forgery (CSRF)	4.08	7.1	Apr 19, 2025
Supertext Translation and Proofreading<= 4.26 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 31, 2025
Martins Free Monetized Ad Exchange Network<= 1.0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
WP DPE-GES<= 1.6 Cross Site Scripting (XSS)	4.88	6.5	Apr 24, 2025
ELI's Related Posts Footer Links and Widget<= 1.2.04.20 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 7, 2025
IGIT Related Posts With Thumb Image After Posts<= 4.5.3 Cross Site Scripting (XSS)	6.5	6.5	Apr 7, 2025
EC Authorize.net<= 0.3.3 Cross Site Scripting (XSS)	14.2	7.1	Apr 16, 2025
Author Box Plugin With Different Description<= 1.3.5 Cross Site Request Forgery (CSRF)	N/A	4.3	Apr 21, 2025
Best Posts Summary<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 21, 2025
CheckBot<= 1.05 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 18, 2025
WP Vegas<= 2.2 Cross Site Scripting (XSS)	4.88	6.5	Apr 18, 2025
Enhanced Paypal Shortcodes<= 0.5a Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
My Custom Widgets<= 2.0.5 Cross Site Scripting (XSS)	14.2	7.1	Apr 7, 2025
360 View<= 1.1.0 Cross Site Scripting (XSS)	4.88	6.5	Apr 16, 2025
Peekaboo<= 1.1 Cross Site Scripting (XSS)	4.88	6.5	Apr 16, 2025
Mixcloud Embed<= 2.2.0 Cross Site Scripting (XSS)	4.88	6.5	Apr 16, 2025
Mini twitter feed<= 3.0 Cross Site Scripting (XSS)	4.88	6.5	Apr 16, 2025
Multi-Column Taxonomy List<= 1.5 Cross Site Scripting (XSS)	4.88	6.5	Apr 16, 2025
Peadig’s Google +1 Button<= 0.1.2 Cross Site Scripting (XSS)	N/A	6.5	Apr 16, 2025
BBCode Deluxe<= 2020.08.01.2 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
Able Player<= 1.2.1 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
WP Custom Post Popup<= 1.0.1 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
RAphicon<= 2.1.2 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
RRSSB<= 1.0.1 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
Wp Custom CMS Block<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 15, 2025
Zoho Creator Forms<= 1.0.5 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
WoWHead Tooltips<= 2.0.1 Cross Site Scripting (XSS)	N/A	7.1	Apr 15, 2025
External Markdown<= 0.0.1 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
GTDB Guitar Tuners<= 4.2.2 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
Xpert Tab<= 1.3 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
GNA Search Shortcode<= 0.9.5 Cross Site Scripting (XSS)	N/A	6.5	Apr 15, 2025
Inline Text Popup<= 1.0.0 Cross Site Scripting (XSS)	N/A	6.5	Apr 14, 2025
Carousel-of-post-images<= 1.07 Cross Site Scripting (XSS)	N/A	6.5	Apr 14, 2025
Image Style Hover<= 1.0.6 Cross Site Scripting (XSS)	N/A	6.5	Apr 14, 2025
Tooltip<= 1.0.1 Cross Site Scripting (XSS)	N/A	6.5	Apr 11, 2025
Hacklog Remote Attachment<= 1.3.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 11, 2025
Availability Calendar<= 0.2.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 11, 2025
WP Filter Post Category<= 2.1.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 7, 2025
Tabs<= 4.0.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 7, 2025
Related Posts via Taxonomies<= 1.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 7, 2025
Twitter Card Generator<= 1.0.5 Cross Site Request Forgery (CSRF)	N/A	7.1	Apr 7, 2025
Milat jQuery Automatic Popup<= 1.3.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Custom Functions Plugin<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Contact Form 7 Calendar<= 3.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Advanced lazy load<= 1.6.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
WpZon – Amazon Affiliate Plugin<= 1.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Vasaio QR Code<= 1.2.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
LSD Custom taxonomy and category meta<= 1.3.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
PayPal Express Checkout<= 2.1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Navegg Analytics<= 3.3.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Drop Caps<= 2.1 Cross Site Request Forgery (CSRF)	3.25	6.5	Apr 3, 2025
Call Now PHT Blog<= 2.4.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
spam-stopper<= 3.1.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Social Media Links<= 1.0.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
translit it!<= 1.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Redirect wordpress to welcome or landing page<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
RSS Manager<= 0.06 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Revision Diet<= 1.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
I Draw<= 1.0 Arbitrary File Upload	N/A	9.1	Apr 1, 2025
WP Twitter Button<= 1.4.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
WP Sticky Side Buttons<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
WP Social Bookmarking<= 3.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Add to Header<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 4, 2025
Simple Maps<= 0.98 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
mLanguage<= 1.6.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Amazon Showcase WordPress Plugin<= 2.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
bbPress2 shortcode whitelist<= 2.2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Bknewsticker<= 1.0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
My Marginalia<= 1.0.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Broken Links Remover<= 1.2.2 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Dashboard Notepads<= 1.2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Review Wave – Google Places Reviews<= 1.4.7 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Internal Link Optimiser<= 5.1.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
Right Click Disable OR Ban<= 1.1.17 Cross Site Request Forgery (CSRF)	3.55	7.1	Apr 3, 2025
WP Donate<= 2.0 Cross Site Scripting (XSS)	14.2	7.1	Feb 4, 2025
FireDrum Email Marketing<= 1.64 Cross Site Scripting (XSS)	14.2	7.1	Mar 27, 2025
wp secure<= 1.2 Cross Site Scripting (XSS)	14.2	7.1	Mar 31, 2025
Oppso Unit Converter<= 1.1.1 Cross Site Scripting (XSS)	14.2	7.1	Mar 30, 2025
Insert HTML Here<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	Mar 30, 2025
Comment Validation Reloaded<= 0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 28, 2025
Language Field<= 0.9 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 30, 2025
FrescoChat Live Chat<= 3.2.6 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 30, 2025
Site Table of Contents<= 0.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 30, 2025
The World<= 0.4 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 30, 2025
Social Crowd<= 0.9.6.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 30, 2025
Script Compressor<= 1.7.1 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 30, 2025
More Mime Type Filters<= 0.3 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 31, 2025
Easy Custom CSS<= 1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 31, 2025
CG Scroll To Top<= 3.5 Cross Site Request Forgery (CSRF)	3.55	7.1	Mar 31, 2025

Report vulnerabilities to earn bounties and rewards!

Include pending