timomangcut

780.35

XP

42

Reports

0

Reports, last 90 days

#4

18 Nov, 2025

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
WP Abstracts<= 2.7.4 Local File Inclusion	45	7.5	Apr 26, 2025
Content Egg<= 7.0.0 PHP Object Injection	7.2	7.2	Apr 29, 2025
WP Links Page<= 4.9.6 SQL Injection	17	8.5	Apr 30, 2025
Cloud SAML SSO - Single Sign On Login<= 1.0.18 Local File Inclusion	45	7.5	Apr 29, 2025
WordPress-WPJobBoard<= 25.07010000-WP6.8.1-JB5.11.5 SQL Injection	37.2	9.3	Apr 24, 2025
Printcart Web to Print Product Designer for WooCommerce<= 2.4.0 SQL Injection	17	8.5	Apr 24, 2025
SERPed.net<= 4.6 Local File Inclusion	48.6	8.1	Apr 25, 2025
WP Optimize By xTraffic<= 5.1.6 PHP Object Injection	39.2	9.8	Apr 25, 2025
Woocommerce Partial Shipment<= 3.2 SQL Injection	17	8.5	Apr 12, 2025
Membership For WooCommerce<= 2.8.1 Broken Access Control	15	7.5	Apr 30, 2025
External Store for Shopify<= 1.5.9 Local File Inclusion	16.88	7.5	Apr 30, 2025
WC Vendors Marketplace<= 2.5.6 SQL Injection	N/A	7.6	Apr 27, 2025
WP Pipes<= 1.4.2 Arbitrary File Deletion	51.6	8.6	Apr 26, 2025
Pix 4x sem juros - Pagaleve<= 1.6.9 PHP Object Injection	39.2	9.8	Apr 17, 2025
Opal Woo Custom Product Variation<= 1.2.0 Arbitrary File Deletion	51.6	8.6	Apr 29, 2025
WPFunnels<= 3.5.18 PHP Object Injection	45.08	9.8	Apr 18, 2025
Bulk Featured Image<= 1.2.2 Broken Access Control	4.3	4.3	Apr 9, 2025
Ebook Store<= 5.8009 Cross Site Scripting (XSS)	4.88	6.5	Apr 9, 2025
Graphina<= 3.0.4 Cross Site Request Forgery (CSRF)	12.15	8.1	Apr 28, 2025
XT Event Widget for Social Events<= 1.1.7 Local File Inclusion	16.88	7.5	Apr 26, 2025
CoinPayments.net Payment Gateway for WooCommerce<= 1.0.17 PHP Object Injection	39.2	9.8	Apr 27, 2025
Mailing Group Listserv<= 3.0.4 SQL Injection	17	8.5	Apr 16, 2025
Fable Extra<= 1.0.6 SQL Injection	37.2	9.3	Apr 8, 2025
Fable Extra<= 1.0.6 Cross Site Scripting (XSS)	4.88	6.5	Apr 9, 2025
Appointment Booking Calendar<= 1.3.92 Broken Access Control	10.6	5.3	Apr 12, 2025
AnyTrack Affiliate Link Manager<= 1.0.4 Broken Access Control	15	7.5	Mar 29, 2025
Sandwich Adsense<= 4.0.2 Broken Access Control	N/A	5.3	Mar 29, 2025
Posts Footer Manager<= 2.2.0 Cross Site Scripting (XSS)	N/A	5.9	Mar 1, 2025
Welcome Bar<= 2.0.4 Cross Site Scripting (XSS)	N/A	5.9	Mar 3, 2025
include-file<= 1 Arbitrary File Download	N/A	6.5	Mar 7, 2025
Include URL<= 0.3.5 Arbitrary File Download	N/A	6.5	Mar 8, 2025
Flickr set slideshows<= 0.9 SQL Injection	17	8.5	Mar 8, 2025
Novelist<= 1.2.3 Cross Site Scripting (XSS)	N/A	5.9	Mar 3, 2025
PostMash<= 1.0.3 SQL Injection	37.2	9.3	Mar 14, 2025
Navigation Tree Elementor<= 1.0.1 SQL Injection	17	8.5	Mar 13, 2025
WP01<= 2.6.2 Arbitrary File Download	22.5	7.5	Mar 12, 2025
Flickr set slideshows<= 0.9 SQL Injection	N/A	8.5	Mar 8, 2025
WP Featured Entries<= 1.0 SQL Injection	N/A	8.5	Mar 12, 2025
Include URL<= 0.3.5 Cross Site Scripting (XSS)	N/A	6.5	Mar 8, 2025
include-file<= 1 Cross Site Scripting (XSS)	N/A	6.5	Mar 8, 2025
IG Shortcodes<= 3.1 Cross Site Scripting (XSS)	N/A	6.5	Mar 7, 2025

Report vulnerabilities to earn bounties and rewards!

Include pending