Le Ngoc Anh

4264.84

XP

270

Reports

0

Reports, last 90 days

#8

18 Nov, 2025

Lvl 7

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Magazine Saga<= 1.2.7 Local File Inclusion	16.2	8.1	May 26, 2025
Magazine Elite<= 1.2.4 Local File Inclusion	16.2	8.1	May 26, 2025
Glamer<= 1.0.2 Local File Inclusion	16.2	8.1	May 26, 2025
Magazine<= 1.2.2 Local File Inclusion	16.2	8.1	May 26, 2025
BlogMarks<= 1.0.8 Local File Inclusion	16.2	8.1	May 26, 2025
Neom Blog<= 0.0.9 Cross Site Scripting (XSS)	7.1	7.1	May 20, 2025
Magze<= 1.0.9 Local File Inclusion	16.2	8.1	May 26, 2025
Magways<= 1.2.1 Local File Inclusion	16.2	8.1	May 26, 2025
Magty<= 1.0.6 Local File Inclusion	16.2	8.1	May 26, 2025
Blogvy<= 1.0.7 Local File Inclusion	16.2	8.1	May 26, 2025
Blogty<= 1.0.11 Local File Inclusion	16.2	8.1	May 26, 2025
Blogprise<= 1.0.9 Local File Inclusion	16.2	8.1	May 26, 2025
Blogmine<= 1.1.7 Local File Inclusion	16.2	8.1	May 26, 2025
Blogbyte<= 1.1.1 Local File Inclusion	16.2	8.1	May 26, 2025
WP SmartPay<= 2.7.13 Broken Authentication	26.4	8.8	Apr 24, 2025
Subaccounts for WooCommerce<= 1.6.6 Broken Authentication	26.4	8.8	Apr 24, 2025
TrackShip for WooCommerce<= 1.9.1 SQL Injection	3.8	7.6	Apr 9, 2025
Easy Guide<= 1.0.0 SQL Injection	37.2	9.3	Apr 9, 2025
Arigato Autoresponder and Newsletter<= 2.7.2.4 Cross Site Scripting (XSS)	14.2	7.1	Mar 31, 2025
Quentn WP<= 1.2.8 SQL Injection	37.2	9.3	Mar 27, 2025
Quentn WP<= 1.2.8 Privilege Escalation	58.8	9.8	Mar 27, 2025
Rating by BestWebSoft<= 1.7 PHP Object Injection	17.6	8.8	Mar 16, 2025
GoodBarber<= 1.0.26 Open Redirection	9.4	4.7	Mar 11, 2025
KiotViet Sync<= 1.8.4 SQL Injection	17	8.5	Dec 23, 2024
Kata Plus<= 1.5.3 PHP Object Injection	39.2	9.8	Dec 23, 2024
PDF 2 Post<= 2.4.0 Remote Code Execution (RCE)	29.7	9.9	Dec 26, 2024
Kargo Entegratör<= 1.1.14 SQL Injection	N/A	7.6	Mar 25, 2025
WP Easy Poll<= 2.2.9 Cross Site Scripting (XSS)	14.2	7.1	Dec 15, 2024
WP Featured Screenshot<= 1.3 Cross Site Scripting (XSS)	14.2	7.1	Dec 14, 2024
WP-Hijri<= 1.5.3 Cross Site Scripting (XSS)	14.2	7.1	Dec 15, 2024
Hamburger Icon Menu Lite<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	Dec 6, 2024
DN Shipping by Weight for WooCommerce<= 1.2 Cross Site Scripting (XSS)	14.2	7.1	Nov 30, 2024
Easy Post Duplicator<= 1.0.1 Cross Site Scripting (XSS)	14.2	7.1	Nov 30, 2024
Interactive Geo Maps<= 1.6.24 Cross Site Scripting (XSS)	28.4	7.1	Nov 26, 2024
WebinarPress<= 1.33.28 Open Redirection	9.4	4.7	Mar 10, 2025
Ultimate WP Mail<= 1.3.10 Open Redirection	9.4	4.7	Mar 10, 2025
WP Remote Thumbnail<= 1.3.2 Arbitrary File Upload	22.28	9.9	Dec 29, 2024
WordPress 5sterrenspecialist Plugin<= 1.4 Cross Site Scripting (XSS)	14.2	7.1	Oct 4, 2024
Easy Query – WP Query Builder<= 2.0.4 SQL Injection	N/A	7.6	Mar 28, 2025
XV Random Quotes<= 1.37 Cross Site Scripting (XSS)	14.2	7.1	Dec 11, 2024
Awesome Logos<= 1.2 Cross Site Scripting (XSS)	14.2	7.1	Oct 14, 2024
Integration of Zoho CRM and Contact Form 7<= 1.0.7 Open Redirection	9.4	4.7	Feb 23, 2025
Multiple Shipping And Billing Address For Woocommerce<= 1.5 PHP Object Injection	39.2	9.8	Mar 16, 2025
The Ultimate WordPress Toolkit – WP Extended<= 3.0.14 Cross Site Scripting (XSS)	16.33	7.1	Feb 22, 2025
Bit Form – Contact Form Plugin<= 2.18.0 Open Redirection	9.4	4.7	Feb 23, 2025
Bit Integrations<= 2.4.10 Open Redirection	9.4	4.7	Feb 23, 2025
AliNext<= 3.5.1 Open Redirection	9.4	4.7	Feb 28, 2025
FunnelKit Automations<= 3.5.1 Open Redirection	9.4	4.7	Feb 23, 2025
Scheduled & Automatic Order Status Controller for WooCommerce<= 3.7.1 Open Redirection	9.4	4.7	Mar 10, 2025
Blue Captcha<= 1.7.4 Cross Site Scripting (XSS)	14.2	7.1	Feb 25, 2025
Responsive Slider by MetaSlider<= 3.94.0 PHP Object Injection	58.8	9.8	Dec 23, 2024
WP Sessions Time Monitoring Full Automatic<= 1.1.1 Cross Site Scripting (XSS)	14.2	7.1	Jan 10, 2025
FundPress<= 2.0.6 PHP Object Injection	39.2	9.8	Nov 26, 2024
Import Excel to Gravity Forms<= 1.18 Cross Site Scripting (XSS)	14.2	7.1	Nov 30, 2024
WP Load Gallery<= 2.1.6 Arbitrary File Upload	13.65	9.1	Dec 29, 2024
Muzaara Google Ads Report<= 3.1 PHP Object Injection	39.2	9.8	Dec 23, 2024
wp-flickr-press<= 2.6.4 Cross Site Scripting (XSS)	14.2	7.1	Dec 15, 2024
WordPress File Search<= 1.2 Cross Site Scripting (XSS)	14.2	7.1	Dec 12, 2024
ImageMeta<= 1.1.2 Cross Site Scripting (XSS)	14.2	7.1	Dec 8, 2024
Guten Free Options<= 0.9.7 Cross Site Scripting (XSS)	14.2	7.1	Dec 6, 2024
Easy Code Placement<= 18.11 Cross Site Scripting (XSS)	14.2	7.1	Nov 30, 2024
URL Shortener \| Conversion Tracking \| AB Testing \| WooCommerce<= 9.0.2 Cross Site Scripting (XSS)	14.2	7.1	Nov 30, 2024
Easy Bet<= 1.0.7 Cross Site Scripting (XSS)	14.2	7.1	Nov 30, 2024
Easy Filter<= 1.10 Cross Site Scripting (XSS)	14.2	7.1	Nov 30, 2024
DN Sitemap Control<= 1.0.6 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
Data Dash<= 1.2.3 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
Custom Widget Creator<= 1.0.5 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
ComparePress<= 2.0.8 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
Contact Form 7 – Paystack Add-on<= 1.2.3 Cross Site Scripting (XSS)	14.2	7.1	Oct 29, 2024
Form To Online Booking<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 29, 2024
Contact Form 7 – CCAvenue Add-on<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
CBX Accounting & Bookkeeping<= 1.3.14 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
Captchelfie – Captcha by Selfie<= 1.0.7 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
Catch Duplicate Switcher<= 2.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
Causes – Donation Plugin<= 1.0.01 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
Canalplan<= 5.31 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
Call To Action Popup<= 1.0.2 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
CAMOO SMS<= 3.0.1 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
Calendi<= 1.1.1 Cross Site Scripting (XSS)	14.2	7.1	Oct 28, 2024
Blrt WP Embed<= 1.6.9 Cross Site Scripting (XSS)	14.2	7.1	Oct 20, 2024
Awesome Twitter Feeds<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 14, 2024
AW WooCommerce Kode Pembayaran<= 1.1.4 Cross Site Scripting (XSS)	14.2	7.1	Oct 14, 2024
AlT Report<= 1.12.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 9, 2024
Author Showcase<= 1.4.3 Cross Site Scripting (XSS)	14.2	7.1	Oct 13, 2024
Attach Gallery Posts<= 1.6 Cross Site Scripting (XSS)	14.2	7.1	Oct 13, 2024
Altima Lookbook Free for WooCommerce<= 1.1.0 Cross Site Scripting (XSS)	14.2	7.1	Oct 9, 2024
Wishlist<= 1.0.39 Cross Site Scripting (XSS)	14.2	7.1	Dec 16, 2024
Contact Form With Shortcode<= 4.2.5 Cross Site Scripting (XSS)	14.2	7.1	Oct 31, 2024
WP BASE Booking<= 4.9.2 Cross Site Scripting (XSS)	14.2	7.1	Dec 16, 2024
WP Post Corrector<= 1.0.2 Cross Site Scripting (XSS)	14.2	7.1	Dec 13, 2024
WP Order By<= 1.4.2 Cross Site Scripting (XSS)	14.2	7.1	Dec 13, 2024
GSheetConnector for Forminator Forms<= 1.0.12 Cross Site Scripting (XSS)	14.2	7.1	Dec 5, 2024
Catalog Importer, Scraper & Crawler<= 5.1.3 Cross Site Scripting (XSS)	14.2	7.1	Dec 10, 2024
WP Bulletin Board<= 1.1.4 Cross Site Scripting (XSS)	14.2	7.1	Dec 16, 2024
World Cup Predictor<= 1.9.8 Cross Site Scripting (XSS)	14.2	7.1	Dec 16, 2024
XML for Avito<= 2.5.2 Cross Site Scripting (XSS)	14.2	7.1	Dec 11, 2024
MindValley Super PageMash<= 1.1 SQL Injection	N/A	7.6	Dec 23, 2024
NC Wishlist for Woocommerce<= 1.0.1 SQL Injection	17	8.5	Dec 23, 2024
Scanventory<= 1.1.3 Cross Site Scripting (XSS)	14.2	7.1	Dec 16, 2024
Mailing Group Listserv<= 2.0.9 Cross Site Scripting (XSS)	14.2	7.1	Dec 14, 2024

Report vulnerabilities to earn bounties and rewards!

Include pending