Pricing
Solutions
WordPress security
Instantly fix and mitigate vulnerabilities
Plugin auditing
Paid auditing for WordPress vendors
Managed VDP
Start a security program for your plugins
Bug Bounty
Join the community and earn bounties
Enterprise API
At scale monitoring and vPatching for hosts
Vulnerability database
The latest WordPress security intelligence
Login
Start trial
Brandon Roldan
389.1
XP
52
Reports
0
Reports, last 90 days
#4
17 Nov, 2025
Lvl 2
0
1
0
1
Website
X
GitHub
Sort by
Priority
Severity
Exploited
Search
Affected software | Vulnerability
CVE
AXP
Severity
Reported
MainWP Child Reports
<= 2.1.1
Cross Site Request Forgery (CSRF)
8.1
5.4
Oct 27, 2023
FameTheme Demo Importer
<= 1.1.5
Cross Site Request Forgery (CSRF)
6.45
4.3
Oct 26, 2023
Giveaways and Contests by RafflePress
<= 1.12.7
Bypass Vulnerability
10.6
5.3
Nov 29, 2023
Royal Elementor Addons
<= 1.3.93
Bypass Vulnerability
53
5.3
Nov 29, 2023
Zero Spam
<= 5.5.6
Bypass Vulnerability
21.2
5.3
Nov 13, 2023
WP Google Analytics Events
<= 2.8.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 31, 2023
UsersWP
< 1.2.6
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 31, 2023
Simple Post Notes
<= 1.7.6
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 30, 2023
Page Builder: Live Composer
<= 1.5.35
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 27, 2023
Inline Related Posts
<= 3.3.1
Cross Site Request Forgery (CSRF)
8.6
4.3
Oct 27, 2023
Post Views Counter
<= 1.4.4
Cross Site Request Forgery (CSRF)
10.75
4.3
Oct 27, 2023
Easy Social Feed
<= 6.5.6
Cross Site Request Forgery (CSRF)
6.45
4.3
Oct 26, 2023
Simple Revisions Delete
<= 1.5.3
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 31, 2023
Contact Form 7 – PayPal & Stripe Add-on
<= 2.0
Cross Site Scripting (XSS)
14.2
7.1
Nov 30, 2023
Awesome Support
<= 6.1.6
Broken Access Control
5.4
5.4
Oct 25, 2023
WordPress Manutenção
<= 1.0.6
Bypass Vulnerability
7.4
3.7
Nov 27, 2023
MailerLite – WooCommerce integration
<= 2.0.8
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 31, 2023
Malware Scanner
<= 4.7.1
Bypass Vulnerability
10.6
5.3
Nov 29, 2023
Affiliates Manager
<= 2.9.31
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 25, 2023
White Label
<= 2.9.0
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 31, 2023
WPC Product Bundles for WooCommerce
<= 7.3.1
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 31, 2023
Strong Testimonials
<= 3.1.10
Cross Site Request Forgery (CSRF)
8.6
4.3
Oct 31, 2023
Simple Job Board
<= 2.10.6
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 31, 2023
NitroPack
<= 1.10.2
Cross Site Request Forgery (CSRF)
10.8
5.4
Oct 31, 2023
NEX-Forms
<= 8.5.2
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 31, 2023
Icegram
<= 3.1.18
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 31, 2023
Rate my Post
<= 3.4.2
Broken Access Control
10.6
5.3
Nov 26, 2023
RegistrationMagic
<= 5.2.5.0
Bypass Vulnerability
10.6
5.3
Nov 29, 2023
Branda
<= 3.4.14
Bypass Vulnerability
10.6
5.3
Nov 29, 2023
Apollo13 Framework Extensions
<= 1.9.1
Cross Site Request Forgery (CSRF)
5.4
5.4
Oct 25, 2023
Awesome Support
<= 6.1.5
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 25, 2023
Awesome Support
<= 6.1.5
Broken Access Control
10.6
5.3
Oct 25, 2023
Spam protection, AntiSpam, FireWall by CleanTalk
<= 6.20
Cross Site Request Forgery (CSRF)
10.75
4.3
Oct 26, 2023
Ecwid Shopping Cart
<= 6.12.4
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 26, 2023
Thrive Automator
<= 1.17
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 27, 2023
GS Logo Slider
<= 3.5.1
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 27, 2023
HT Mega
<= 2.3.3
Cross Site Request Forgery (CSRF)
8.6
4.3
Oct 27, 2023
GPT3 AI Content Writer
<= 1.8.12
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 27, 2023
GPT3 AI Content Writer
<= 1.8.2
Sensitive Data Exposure
10.6
5.3
Oct 27, 2023
WP Simple Booking Calendar
<= 2.0.8.4
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 29, 2023
Paid Member Subscriptions
<= 2.10.4
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 30, 2023
Quiz And Survey Master
<= 8.1.18
Cross Site Request Forgery (CSRF)
5.4
5.4
Oct 30, 2023
WOOCS – WooCommerce Currency Switcher
<= 1.4.1.4
Cross Site Request Forgery (CSRF)
8.1
5.4
Oct 31, 2023
LiveChat
<= 4.5.15
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 29, 2023
WP Photo Album Plus
<= 8.5.02.005
Bypass Vulnerability
10.6
5.3
Nov 29, 2023
Business Directory
<= 6.3.10
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 26, 2023
Qode Essential Addons
<= 1.5.2
Remote Code Execution (RCE)
19.8
9.9
Oct 26, 2023
Legal Pages
<= 1.3.8
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 27, 2023
Profile Builder
<= 3.10.3
Cross Site Request Forgery (CSRF)
8.1
5.4
Oct 30, 2023
Top 10
<= 3.3.2
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 31, 2023
WP Google My Business Auto Publish
<= 3.7
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 31, 2023
Kadence WooCommerce Email Designer
<= 1.5.11
Cross Site Request Forgery (CSRF)
8.6
4.3
Oct 27, 2023
Newsmag
<= 2.4.4
Cross Site Scripting (XSS)
N/A
6.5
No date
Activello
<= 1.4.4
Cross Site Scripting (XSS)
N/A
5.4
No date
Activello
<= 1.4.4
Cross Site Scripting (XSS)
N/A
5.4
No date
Media Library Assistant
<= 3.00
Sensitive Data Exposure
N/A
3.7
No date
iQ Block Country
<= 1.2.18
Bypass Vulnerability
N/A
5.3
No date
wpForo Forum
<= 2.0.5
Cross Site Request Forgery (CSRF)
N/A
6.3
No date
WPIDE – File Manager & Code Editor
<= 2.6
Directory Traversal
N/A
4.9
No date
MultiSafepay plugin for WooCommerce
<= 4.15.0
Directory Traversal
N/A
5.3
No date
Shareaholic
<= 9.7.5
Sensitive Data Exposure
N/A
4.3
No date
MapSVG
<= 6.2.19
SQL Injection
N/A
8.3
No date
HubSpot
<= 8.8.13
Server Side Request Forgery (SSRF)
N/A
6.4
No date
LifterLMS PayPal
<= 1.3.0
Cross Site Scripting (XSS)
N/A
6.1
No date
DW Question & Answer Pro
<= 1.3.4
Cross Site Request Forgery (CSRF)
N/A
5.4
No date
DW Question & Answer Pro
<= 1.3.4
Insecure Direct Object References (IDOR)
N/A
6.5
No date
Plezi
<= 1.0.2
Cross Site Scripting (XSS)
N/A
6.1
No date
Drag and Drop Multiple File Upload – Contact Form 7
<= 1.3.6.2
Cross Site Scripting (XSS)
N/A
6.1
No date
FormCraft 3
<= 3.8.27
Server Side Request Forgery (SSRF)
N/A
5.3
No date
WP Voting Contest
<= 2.1
Cross Site Scripting (XSS)
N/A
6.1
No date
AnyComment
<= 0.2.17
Race Condition
N/A
4.3
No date
AnyComment
<= 0.2.17
Cross Site Request Forgery (CSRF)
N/A
4.6
No date
BP Better Messages
<= 1.9.9.148
Cross Site Request Forgery (CSRF)
N/A
3.1
No date
SupportCandy
<= 2.2.6
Cross Site Request Forgery (CSRF)
N/A
5.4
No date
SupportCandy
<= 2.2.4
Broken Access Control
N/A
6.5
No date
AnyComment
<= 0.3.4
Open Redirection
N/A
6.5
No date
Tab – Accordion, FAQ
<= 1.3.1
Cross Site Scripting (XSS)
N/A
5.3
No date
Support Board
<= 3.3.5
Cross Site Request Forgery (CSRF)
N/A
5.4
No date
wpDiscuz
<= 7.3.3
Cross Site Request Forgery (CSRF)
N/A
5.4
No date
BP Better Messages
<= 1.9.9.37
Cross Site Request Forgery (CSRF)
N/A
4.6
No date
BP Better Messages
<= 1.9.9.37
Cross Site Scripting (XSS)
N/A
6.1
No date
Report vulnerabilities to earn bounties and rewards!
Read more
Include pending
Back to top