Bonds

13344.99

XP

469

Reports

50

Reports, last 90 days

#8

5 Jan, 2026

Lvl 10

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
WordPress & WooCommerce Scraper Plugin, Import Data from Any Site<= 1.0.7 Server Side Request Forgery (SSRF)	8.1	5.4	Oct 19, 2025
Malta<= 1.3.3 Local File Inclusion	37.26	8.1	Aug 7, 2025
Hobo<= 1.0.10 Local File Inclusion	37.26	8.1	Aug 7, 2025
Modern Housewife<= 1.0.12 Local File Inclusion	37.26	8.1	Aug 7, 2025
Yolox<= 1.0.15 Local File Inclusion	37.26	8.1	Aug 7, 2025
Pearson Specter<= 1.11.3 Local File Inclusion	37.26	8.1	Aug 7, 2025
Piqes<= 1.0.11 Local File Inclusion	37.26	8.1	Aug 7, 2025
Prider<= 1.1.3.1 Local File Inclusion	37.26	8.1	Aug 7, 2025
TanTum<= 1.1.13 Local File Inclusion	37.26	8.1	Aug 7, 2025
Tornados<= 2.1 Local File Inclusion	37.26	8.1	Aug 7, 2025
Muji<= 1.2.0 Local File Inclusion	37.26	8.1	Aug 7, 2025
Tails<= 1.4.12 Local File Inclusion	37.26	8.1	Aug 7, 2025
Indoor Plants<= 1.2.7 Local File Inclusion	37.26	8.1	Aug 7, 2025
Snow Mountain<= 1.4.3 Local File Inclusion	37.26	8.1	Aug 7, 2025
Pets Land<= 1.2.8 Local File Inclusion	37.26	8.1	Aug 7, 2025
Weedles<= 1.1.12 Local File Inclusion	37.26	8.1	Aug 6, 2025
MoveMe<= 1.2.15 Local File Inclusion	37.26	8.1	Aug 6, 2025
uReach<= 1.3.3 Local File Inclusion	37.26	8.1	Aug 6, 2025
DiveIt<= 1.4.3 Local File Inclusion	37.26	8.1	Aug 6, 2025
PartyMaker<= 1.1.15 Local File Inclusion	37.26	8.1	Aug 6, 2025
Eldon<= 1.0 Local File Inclusion	32.4	8.1	Jul 31, 2025
BM Content Builder<= 3.16.3 Arbitrary File Download	14.63	6.5	Jul 27, 2025
Overworld<= 1.3 Local File Inclusion	32.4	8.1	Jun 10, 2025
Töbel<= 1.6 Local File Inclusion	32.4	8.1	Jun 10, 2025
MaxShop<= 3.6.20 Local File Inclusion	32.4	8.1	May 31, 2025
iRecco Core<= 1.3.6 Local File Inclusion	32.4	8.1	May 31, 2025
Lekker<= 1.8 Local File Inclusion	48.6	8.1	Feb 28, 2025
JetTabs<= 2.2.12 Cross Site Scripting (XSS)	48.75	6.5	Nov 30, 2025
JetTabs<= 2.2.12 Broken Access Control	48.75	6.5	Nov 30, 2025
JetSearch<= 3.5.16 Cross Site Scripting (XSS)	36.56	6.5	Nov 30, 2025
JetBlog<= 2.4.7 Broken Access Control	36.56	6.5	Nov 30, 2025
JetPopup<= 2.0.20.1 Insecure Direct Object References (IDOR)	24.19	4.3	Nov 30, 2025
Elementor Website Builder<= 3.33.0 Broken Access Control	87.08	4.3	Oct 19, 2025
Eagle Booking<= 1.3.4.3 Settings Change	5.4	5.4	Oct 19, 2025
Eagle Booking<= 1.3.4.3 Insecure Direct Object References (IDOR)	4.3	4.3	Oct 19, 2025
WP Gravity Forms FreshDesk Plugin<= 1.3.5 Open Redirection	N/A	4.7	Oct 19, 2025
JetElements For Elementor<= 2.7.12 Cross Site Scripting (XSS)	45.7	6.5	Oct 19, 2025
Litho Addons<= 3.4 Broken Access Control	5.4	5.4	Sep 21, 2025
Codiqa< 1.2.8 PHP Object Injection	29.4	9.8	Sep 21, 2025
WP Gravity Forms Zoho CRM and Bigin<= 1.2.8 Open Redirection	7.05	4.7	Sep 21, 2025
Stockie Extra<= 1.2.11 Cross Site Request Forgery (CSRF)	0.54	4.3	Sep 21, 2025
Stockie Extra<= 1.2.11 Content Injection	13	6.5	Sep 21, 2025
Hercules Core <= 7.4 Server Side Request Forgery (SSRF)	4.9	4.9	Sep 21, 2025
Reservation Plugin<= 1.6 Cross Site Scripting (XSS)	14.2	7.1	Sep 21, 2025
Ultimate Learning Pro<= 3.9.3 Arbitrary Content Deletion	4.9	4.9	Aug 31, 2025
WP Gravity Forms HubSpot<= 1.2.5 Open Redirection	7.05	4.7	Aug 24, 2025
FoodBook<= 4.7.6 Sensitive Data Exposure	10.6	5.3	Aug 24, 2025
WooEvents<= 4.1.7 Broken Access Control	10.6	5.3	Aug 24, 2025
Grand Conference Theme Custom Post Type< 2.6.4 Broken Access Control	5.4	5.4	Apr 13, 2025
BM Content Builder< 3.16.3.3 Arbitrary File Deletion	17.33	7.7	Jul 27, 2025
DentiCare< 1.4.3 PHP Object Injection	39.2	9.8	May 25, 2025
Goldenblatt< 1.3.0 PHP Object Injection	39.2	9.8	Aug 24, 2025
WorkScout-Core< 1.7.06 Cross Site Scripting (XSS)	14.2	7.1	Aug 24, 2025
Goodlayers Core< 2.1.7 Privilege Escalation	19.8	8.8	Aug 24, 2025
Addison< 1.4.8 PHP Object Injection	39.2	9.8	Aug 24, 2025
Javo Core<= 3.0.0.266 Broken Access Control	10.6	5.3	Jul 27, 2025
DriCub<= 2.9 Broken Access Control	10.6	5.3	Jul 27, 2025
DriCub<= 2.9 Server Side Request Forgery (SSRF)	10.8	5.4	Jul 27, 2025
WP Gravity Forms Keap/Infusionsoft<= 1.2.6 Open Redirection	N/A	4.7	Jul 27, 2025
CouponXxL<= 4.5.0 Cross Site Request Forgery (CSRF)	4.4	8.8	Jul 28, 2025
WorkScout-Core< 1.7.06 Cross Site Request Forgery (CSRF)	4.4	8.8	Aug 24, 2025
ShoppyStore<= 3.7.16 Local File Inclusion	32.4	8.1	May 4, 2025
Autusin<= 2.8.5 Local File Inclusion	32.4	8.1	May 4, 2025
Juno<= 2.25 Local File Inclusion	32.4	8.1	Jun 8, 2025
Wine House<= 3.12 Local File Inclusion	32.4	8.1	Jun 10, 2025
Accalia<= 1.5.3 Local File Inclusion	24.3	8.1	May 25, 2025
Chrimson<= 2.2 Local File Inclusion	24.3	8.1	May 11, 2025
ProDent<= 1.5.9 Local File Inclusion	32.4	8.1	May 11, 2025
AlphaColor<= 1.4.11.1 Local File Inclusion	32.4	8.1	May 11, 2025
Drone Media<= 2.2.0 Local File Inclusion	32.4	8.1	May 11, 2025
Booklovers<= 2.13 Local File Inclusion	32.4	8.1	May 11, 2025
Anesta<= 1.2.1 Local File Inclusion	32.4	8.1	May 11, 2025
ProRange<= 2.3 Local File Inclusion	32.4	8.1	May 11, 2025
AI ANN<= 1.1.0 Local File Inclusion	32.4	8.1	May 11, 2025
HotLock<= 1.3.9 Local File Inclusion	32.4	8.1	May 11, 2025
Fortunio<= 2.3 Local File Inclusion	32.4	8.1	May 11, 2025
Gutentype<= 2.1.11 Local File Inclusion	32.4	8.1	May 11, 2025
ShieldGroup<= 2.13 Local File Inclusion	40.5	8.1	Aug 6, 2025
Militarology<= 1.0.15 Local File Inclusion	40.5	8.1	Aug 6, 2025
Mamita<= 1.0.9 Local File Inclusion	40.5	8.1	Aug 6, 2025
Gracioza<= 1.0.15 Local File Inclusion	40.5	8.1	Aug 6, 2025
Kings & Queens<= 1.1.16 Local File Inclusion	40.5	8.1	Aug 6, 2025
Ludos Paradise<= 2.1.3 Local File Inclusion	40.5	8.1	Aug 6, 2025
Jack Well<= 1.0.14 Local File Inclusion	40.5	8.1	Aug 6, 2025
Hanani<= 1.2.11 Local File Inclusion	40.5	8.1	Aug 6, 2025
Monyxi<= 1.1.8 Local File Inclusion	40.5	8.1	Aug 6, 2025
Palladio<= 1.1.10 Local File Inclusion	40.5	8.1	Aug 6, 2025
Lettuce<= 1.1.7 Local File Inclusion	40.5	8.1	Aug 6, 2025
Lymcoin<= 1.3.12 Local File Inclusion	40.5	8.1	Aug 6, 2025
Strux<= 1.9 Local File Inclusion	40.5	8.1	Aug 6, 2025
Uxper Booking<= 1.3.3 SQL Injection	17	8.5	Jun 8, 2025
Spirit Framework<= 1.2.13 Local File Inclusion	15	7.5	Jun 10, 2025
FitLine<= 1.6 Local File Inclusion	40.5	8.1	Aug 3, 2025
Harper<= 1.13 Local File Inclusion	40.5	8.1	Aug 3, 2025
Greeny<= 2.6 Local File Inclusion	40.5	8.1	Aug 3, 2025
Rentic<= 1.1 Local File Inclusion	40.5	8.1	Aug 3, 2025
Smash<= 1.7 Local File Inclusion	40.5	8.1	Aug 3, 2025
Catwalk<= 1.4 Local File Inclusion	40.5	8.1	Aug 3, 2025
Beautique<= 1.5 Local File Inclusion	40.5	8.1	Aug 3, 2025
Assembly<= 1.1 Local File Inclusion	40.5	8.1	Aug 3, 2025

Report vulnerabilities to earn bounties and rewards!

Include pending