thiennv

Say thanks

1773.84

XP

189

Reports

0

Reports, last 90 days

#33

18 Nov, 2025
Lvl 5
0
1
0
1
Website
X
GitHub
Affected software | Vulnerability
CVE
AXP
Severity
Reported
Make Email Customizer for WooCommerce<= 1.0.6
Cross Site Scripting (XSS)
14.2
7.1
Oct 23, 2024
Revamp CRM for WooCommerce<= 1.1.2
Cross Site Scripting (XSS)
14.2
7.1
Oct 23, 2024
Terminal Africa<= 1.13.21
Cross Site Scripting (XSS)
14.2
7.1
Oct 25, 2024
MultiMailer<= 1.0.3
Cross Site Scripting (XSS)
14.2
7.1
Oct 28, 2024
Easy Post Duplicator<= 1.0.1
SQL Injection
17
8.5
Dec 18, 2024
Simple Post Meta Manager<= 1.0.9
Cross Site Request Forgery (CSRF)
3.55
7.1
Dec 14, 2024
DirectoryPress<= 3.6.22
Cross Site Request Forgery (CSRF)
2.7
5.4
Jan 7, 2025
6Storage Rentals<= 2.19.9
Broken Access Control
N/A
5.4
Dec 25, 2024
Easy WP Optimizer<= 1.1.0
Broken Access Control
N/A
8.8
Dec 25, 2024
Support Helpdesk Ticket System Lite<= 4.5.2
Cross Site Scripting (XSS)
14.2
7.1
Oct 22, 2024
Rich Text Editor<= 1.0.1
Broken Access Control
13
6.5
Dec 25, 2024
iNET Webkit<= 1.2.2
Broken Access Control
10.6
5.3
Nov 30, 2024
Dynamic URL SEO<= 1.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 30, 2024
Dynamic URL SEO<= 1.0
Cross Site Request Forgery (CSRF)
N/A
5.4
Oct 30, 2024
W3SPEEDSTER<= 7.33
Cross Site Request Forgery (CSRF)
2.15
4.3
Nov 21, 2024
SC Simple Zazzle<= 1.1.6
Cross Site Scripting (XSS)
14.2
7.1
Oct 31, 2024
XTRA Settings<= 2.1.8
Cross Site Scripting (XSS)
14.2
7.1
Oct 31, 2024
Tax Report for WooCommerce<= 2.2
Cross Site Scripting (XSS)
14.2
7.1
Oct 31, 2024
Podčlánková inzerce<= 2.4.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 30, 2024
Youtube Video Grid<= 1.9
Cross Site Scripting (XSS)
14.2
7.1
Oct 29, 2024
EELV Newsletter<= 4.8.2
Cross Site Scripting (XSS)
14.2
7.1
Oct 28, 2024
Group category creator<= 1.3.0.3
Cross Site Scripting (XSS)
14.2
7.1
Oct 28, 2024
eMarksheet<= 5.4.3
Cross Site Scripting (XSS)
14.2
7.1
Oct 28, 2024
Ui Slider Filter By Price<= 1.1
Cross Site Scripting (XSS)
14.2
7.1
Oct 25, 2024
Sale with Razorpay<= 1.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 21, 2024
azurecurve Floating Featured Image<= 2.2.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 18, 2024
WpTravelly<= 1.8.5
Broken Access Control
10.6
5.3
Nov 30, 2024
Multiple Carousel<= 2.0
SQL Injection
37.2
9.3
Dec 19, 2024
TubePress.NET<= 4.0.1
Cross Site Request Forgery (CSRF)
3.55
7.1
Dec 17, 2024
Pretty Url<= 1.5.5
Cross Site Request Forgery (CSRF)
N/A
4.3
Dec 17, 2024
Pretty Url<= 1.5.4
Cross Site Scripting (XSS)
14.2
7.1
Dec 17, 2024
Order Audit Log for WooCommerce<= 2.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 21, 2024
SyncFields<= 2.1
Cross Site Scripting (XSS)
14.2
7.1
Oct 30, 2024
Contest Gallery<= 24.0.3
Cross Site Scripting (XSS)
3.39
5.9
Oct 18, 2024
picu – Online Photo Proofing Gallery<= 2.4.0
Broken Access Control
10.6
5.3
Nov 22, 2024
Gulri Slider<= 3.5.8
Cross Site Scripting (XSS)
14.2
7.1
Oct 30, 2024
Shipment Tracker for Woocommerce<= 1.4.23
Cross Site Scripting (XSS)
14.2
7.1
Nov 19, 2024
Tidy Up<= 1.3
Cross Site Request Forgery (CSRF)
3.55
7.1
Dec 14, 2024
Posti Shipping<= 3.10.3
Cross Site Request Forgery (CSRF)
3.25
6.5
Nov 29, 2024
EELV Newsletter<= 4.8.2
Cross Site Request Forgery (CSRF)
N/A
5.4
Oct 28, 2024
Ui Slider Filter By Price<= 1.1
Cross Site Request Forgery (CSRF)
2.7
5.4
Oct 25, 2024
DTC Documents<= 1.1.05
Cross Site Request Forgery (CSRF)
N/A
5.4
Oct 24, 2024
Youtube Video Grid<= 1.9
Cross Site Request Forgery (CSRF)
3.25
6.5
Oct 29, 2024
Bet sport Free<= 1.0.0
Cross Site Request Forgery (CSRF)
N/A
4.3
Oct 23, 2024
PDF Generator Addon for Elementor Page Builder<= 1.7.5
Directory Traversal
15
7.5
Nov 12, 2024
Feedpress Generator<= 1.2.1
Cross Site Scripting (XSS)
14.2
7.1
Oct 25, 2024
FloristPress<= 7.2.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 23, 2024
WP Quick Shop<= 1.3.1
Cross Site Scripting (XSS)
14.2
7.1
Oct 24, 2024
Connect Contact Form 7 to Constant Contact<= 1.4
Cross Site Scripting (XSS)
14.2
7.1
Oct 24, 2024
LabelGrid Tools<= 1.3.58
Cross Site Scripting (XSS)
14.2
7.1
Oct 25, 2024
Invoice Payment for WooCommerce<= 1.7.2
Cross Site Scripting (XSS)
14.2
7.1
Oct 30, 2024
FormFacade<= 1.3.6
Cross Site Scripting (XSS)
14.2
7.1
Oct 17, 2024
Role Includer<= 1.6
Cross Site Scripting (XSS)
14.2
7.1
Oct 31, 2024
ImageRecycle pdf & image compression<= 3.1.16
Cross Site Scripting (XSS)
14.2
7.1
Nov 25, 2024
Ni CRM Lead<= 1.3.0
SQL Injection
17
8.5
Oct 26, 2024
Ni CRM Lead<= 1.3.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 21, 2024
Ni WooCommerce Bulk Product Editor<= 1.4.5
Cross Site Scripting (XSS)
14.2
7.1
Oct 22, 2024
Ni WooCommerce Order Export<= 3.1.6
Cross Site Scripting (XSS)
14.2
7.1
Oct 28, 2024
Intro Tour Tutorial DeepPresentation<= 6.5.2
Cross Site Scripting (XSS)
14.2
7.1
Oct 31, 2024
DancePress (TRWA)<= 3.1.11
Cross Site Request Forgery (CSRF)
N/A
4.3
Oct 23, 2024
Awesome Event Booking<= 2.7.1
Cross Site Scripting (XSS)
14.2
7.1
Oct 28, 2024
Ahmeti Wp Güzel Sözler<= 4.0
Cross Site Request Forgery (CSRF)
N/A
4.3
Oct 21, 2024
Shipping with Venipak for WooCommerce<= 1.22.3
Cross Site Scripting (XSS)
14.2
7.1
Oct 18, 2024
Satisfaction Reports from Help Scout<= 2.0.3
Cross Site Scripting (XSS)
14.2
7.1
Oct 21, 2024
Ajax Content Filter<= 1.0
Cross Site Scripting (XSS)
14.2
7.1
Oct 23, 2024
Search order by product SKU for WooCommerce<= 0.2
Cross Site Scripting (XSS)
14.2
7.1
Oct 25, 2024
Manage User Columns<= 1.0.5
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 17, 2024
WP User Switch<= 1.1.2
Privilege Escalation
12
8
Feb 28, 2024
Vimeography<= 2.4.1
Cross Site Request Forgery (CSRF)
2.15
4.3
Feb 27, 2024
MJ Update History<= 1.0.4
Broken Access Control
3.23
4.3
Jan 10, 2024
Democracy Poll<= 6.1.1
Broken Access Control
10.6
5.3
Jul 26, 2023
Contact Form 7 Extension For Mailchimp<= 0.5.73
Cross Site Request Forgery (CSRF)
8.6
4.3
Oct 30, 2023
Total Poll Lite<= 4.9.9
Broken Access Control
4.3
4.3
Jan 26, 2024
RomethemeForm For Elementor<= 1.1.2
Broken Access Control
10.6
5.3
Jan 30, 2024
WP Helper Premium< 4.6.0
Cross Site Scripting (XSS)
14.2
7.1
Jan 29, 2024
GEO my WordPress<= 4.1
Cross Site Request Forgery (CSRF)
2.7
5.4
Jan 11, 2024
Tablesome<= 1.0.25
Cross Site Request Forgery (CSRF)
2.15
4.3
Jan 19, 2024
ProfileGrid <= 5.7.8
Cross Site Request Forgery (CSRF)
2.15
4.3
Feb 27, 2024
Smart Online Order for Clover<= 1.5.5
Cross Site Request Forgery (CSRF)
3.11
5.4
Dec 27, 2023
Tax Rate Upload<= 2.4.5
Cross Site Scripting (XSS)
14.2
7.1
Jan 17, 2024
Specific Content For Mobile<= 0.1.9.5
Cross Site Scripting (XSS)
14.2
7.1
Jan 16, 2024
Biteship<= 2.2.24
Cross Site Scripting (XSS)
14.2
7.1
Dec 19, 2023
WOLF<= 1.0.8
Cross Site Scripting (XSS)
16.33
7.1
Dec 19, 2023
Word Replacer Pro<= 1.0
Broken Access Control
13
6.5
Jul 31, 2023
Custom Twitter Feeds (Tweets Widget)<= 2.1.2
Cross Site Request Forgery (CSRF)
8.6
4.3
Oct 17, 2023
Business Directory<= 6.3.9
Broken Access Control
4.05
5.4
Sep 28, 2023
Customize My Account for WooCommerce<= 1.8.3
Cross Site Request Forgery (CSRF)
2.15
4.3
Aug 31, 2023
MultiVendorX<= 4.0.23
Broken Access Control
16.4
8.2
Jul 26, 2023
Legal Pages<= 1.3.7
Broken Access Control
3.23
4.3
Sep 14, 2023
LA-Studio Element Kit for Elementor<= 1.1.5
Broken Access Control
13
6.5
Sep 14, 2023
Awesome Support<= 6.1.7
Broken Access Control
13
6.5
Jun 30, 2023
Product Catalog Feed by PixelYourSite<= 2.1.1
Cross Site Request Forgery (CSRF)
2.7
5.4
Sep 27, 2023
Product Enquiry for WooCommerce<= 3.0
Cross Site Request Forgery (CSRF)
2.7
5.4
Apr 25, 2023
Event post<= 5.9.0
Cross Site Scripting (XSS)
4.88
6.5
Apr 25, 2023
RegistrationMagic<= 5.2.2.6
Cross Site Request Forgery (CSRF)
2.15
4.3
May 31, 2023
HUSKY<= 1.3.4.2
Broken Access Control
12.9
4.3
Aug 16, 2023
Awesome Support<= 6.1.4
Broken Access Control
5.4
5.4
Aug 17, 2023
Awesome Support<= 6.1.4
Cross Site Request Forgery (CSRF)
2.15
4.3
Aug 17, 2023
WebToffee eCommerce Marketing Automation<= 1.2.7
Cross Site Request Forgery (CSRF)
2.15
4.3
Oct 16, 2023
Live Preview for Contact Form 7<= 1.2.0
Broken Access Control
10.8
5.4
Oct 17, 2023

Report vulnerabilities to earn bounties and rewards!

Read more