Emili Castells

294.28

XP

41

Reports

0

Reports, last 90 days

#8

18 Nov, 2025

Lvl 1

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Event post<= 5.9.5 Local File Inclusion	45	7.5	Feb 29, 2024
Product Designer<= 1.0.33 Arbitrary Content Deletion	15	7.5	Feb 11, 2024
Annual Archive<= 1.6.0 Cross Site Scripting (XSS)	N/A	5.9	Jan 2, 2024
Booking Ultra Pro<= 1.1.12 Privilege Escalation	9.9	8.8	Feb 25, 2024
Sirv<= 7.2.2 Privilege Escalation	15.18	8.8	Feb 28, 2024
Email Customizer for WooCommerce<= 2.6.0 Sensitive Data Exposure	15	7.5	Jan 4, 2024
Frontend Dashboard<= 2.2.2 Sensitive Data Exposure	N/A	7.5	Feb 11, 2024
Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy<= 2.1.1 Arbitrary Content Deletion	15	7.5	Feb 9, 2024
MyRewards<= 5.3.0 Broken Access Control	6.5	6.5	Jan 11, 2024
Login with phone number<= 1.7.16 Privilege Escalation	15.18	8.8	Feb 29, 2024
5 Stars Rating Funnel<= 1.2.67 Arbitrary Content Deletion	17.25	7.5	Feb 9, 2024
Contest Gallery<= 21.3.4 SQL Injection	11	8.5	Feb 8, 2024
WholesaleX<= 1.3.1 Broken Access Control	6.5	6.5	Feb 24, 2024
WholesaleX<= 1.3.1 Sensitive Data Exposure	6.5	6.5	Feb 24, 2024
Rolo Slider<= 1.0.9 Settings Change	7.7	7.7	Feb 14, 2024
WooCommerce Coupon Popup, SmartBar, Slide In \| MyShopKit<= 1.0.9 Sensitive Data Exposure	10.6	5.3	Feb 17, 2024
Team Members Showcase<= 1.3.4 Cross Site Scripting (XSS)	N/A	5.9	May 15, 2023
WooCommerce Product Enquiry<= 2.6.0 Cross Site Scripting (XSS)	14.2	7.1	May 15, 2023
Live Gold Price & Silver Price Charts Widgets<= 2.4 Cross Site Scripting (XSS)	N/A	5.9	May 16, 2023
Product Visibility by Country for WooCommerce<= 1.4.9 Cross Site Scripting (XSS)	N/A	5.9	May 17, 2023
Lava Directory Manager<= 1.1.34 Cross Site Scripting (XSS)	4.88	6.5	May 17, 2023
Extra Product Options for WooCommerce<= 4.1 Cross Site Scripting (XSS)	1.48	5.9	May 22, 2023
Direct Checkout – Quick View – Buy Now For WooCommerce<= 1.5.8 Cross Site Scripting (XSS)	1.48	5.9	May 22, 2023
TWB Woocommerce Reviews<= 1.7.5 Cross Site Scripting (XSS)	N/A	5.9	May 24, 2023
Recently viewed and most viewed products<= 1.1.1 Cross Site Scripting (XSS)	1.48	5.9	May 30, 2023
IdeaPush<= 8.52 Cross Site Scripting (XSS)	N/A	5.9	May 24, 2023
Simple User Listing<= 1.9.2 Cross Site Scripting (XSS)	14.2	7.1	May 5, 2023
Eonet Manual User Approve<= 2.1.3 Cross Site Scripting (XSS)	N/A	5.9	May 11, 2023
Lava Directory Manager<= 1.1.34 Cross Site Scripting (XSS)	14.2	7.1	May 17, 2023
Contact Form Generator<= 2.7.1 SQL Injection	9.56	8.5	Jun 19, 2023
Order auto complete for WooCommerce<= 1.2.0 Cross Site Scripting (XSS)	N/A	5.9	May 24, 2023
Export Import Menus<= 1.8.0 Arbitrary File Upload	14.85	9.9	Jun 5, 2023
Easy Newsletter Signups<= 1.0.4 Broken Access Control	N/A	6.5	May 31, 2023
Quasar form<= 6.0 SQL Injection	9.56	8.5	Jun 19, 2023
Zippy<= 1.6.2 Broken Access Control	10.6	5.3	Jun 6, 2023
GDPR Cookie Consent Notice Box<= 1.1.6 Cross Site Scripting (XSS)	N/A	5.9	May 5, 2023
Quick/Bulk Order Form for WooCommerce<= 3.5.7 Cross Site Scripting (XSS)	1.48	5.9	May 11, 2023
Novelist<= 1.2.0 Cross Site Scripting (XSS)	N/A	5.9	May 15, 2023
WooDiscuz – WooCommerce Comments<= 2.2.9 Cross Site Scripting (XSS)	N/A	5.9	May 16, 2023
WishSuite<= 1.3.4 Cross Site Scripting (XSS)	N/A	5.9	May 7, 2023
Product page shipping calculator for WooCommerce<= 1.3.25 Cross Site Scripting (XSS)	N/A	5.9	May 10, 2023

Report vulnerabilities to earn bounties and rewards!

Include pending