🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Abdi Pranata

Abdi Pranata

All Time Ranking

260

All Time Discoveries

Showing 81-100 of 260 Vulnerabilities

Google Calendar Events <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

6.4

CVE-2023-49151

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

WP Catalogue <= 1.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

6.4

CVE-2023-48780

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

SVGator – Add Animated SVG Easily <= 1.2.4 - Cross-Site Request Forgery

7.1

CVE-2023-48766

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L

WP Cleanfix <= 5.6.2 - Missing Authorization via register

7.1

CVE-2023-48775

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

IdeaPush <= 8.57 - Missing Authorization

4.3

CVE-2023-48774

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

GoDaddy Email Marketing <= 1.4.3 - Missing Authorization

4.3

CVE-2023-49156

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Download canvasio3D Light <= 2.5.0 - Missing Authorization

5.4

CVE-2023-48776

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

360 Javascript Viewer <= 1.7.11 - Missing Authorization

5.3

CVE-2023-48779

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Mail Bank - #1 Mail SMTP Plugin for WordPress <= 4.0.14 - Missing Authorization

4.3

CVE-2023-48332

Nov 23, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Easy Social Feed <= 6.5.1 - Missing Authorization via hide_free_sidebar()

4.3

CVE-2023-48740

Nov 23, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Super Progressive Web Apps <= 2.2.21 - Missing Authorization

5.3

CVE-2023-48277

Nov 22, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

WCMultiShipping <= 2.3.5 - Missing Authorization to Log Export

4.3

CVE-2023-48274

Nov 21, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

PayTR Taksit Tablosu <= 1.3.1 - Missing Authorization

5.3

CVE-2023-47847

Nov 20, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

BlossomThemes Email Newsletter <= 2.2.4 - Missing Authorization

5.3

CVE-2023-47849

Nov 20, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Analytify Dashboard <= 5.1.1 - Cross-Site Request Forgery

4.3

CVE-2023-47841

Nov 20, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

wpMandrill <= 1.33 - Missing Authorization via getAjaxStats

4.3

CVE-2023-47828

Nov 16, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

WP Meta and Date Remover <= 2.3.0 - Cross-Site Request Forgery via updateSettings

5.3

CVE-2023-47836

Nov 16, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

10WebAnalytics <= 1.2.12 - Missing Authorization via gawd_wd_bp_install_notice_status

4.3

CVE-2023-47807

Nov 16, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Restaurant & Cafe Addon for Elementor <= 1.5.3 - Missing Authorization via multiple AJAX functions

3.1

CVE-2023-47826

Nov 16, 2023

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

FormCraft <= 1.2.7 - Missing Authorization via formcraft_nag_update

5.3

CVE-2023-47823

Nov 16, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
Google Calendar Events <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode	CVE-2023-49151	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	November 28, 2023
WP Catalogue <= 1.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode	CVE-2023-48780	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	November 28, 2023
SVGator – Add Animated SVG Easily <= 1.2.4 - Cross-Site Request Forgery	CVE-2023-48766	7.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L	November 28, 2023
WP Cleanfix <= 5.6.2 - Missing Authorization via register	CVE-2023-48775	7.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N	November 28, 2023
IdeaPush <= 8.57 - Missing Authorization	CVE-2023-48774	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 28, 2023
GoDaddy Email Marketing <= 1.4.3 - Missing Authorization	CVE-2023-49156	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	November 28, 2023
Download canvasio3D Light <= 2.5.0 - Missing Authorization	CVE-2023-48776	5.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N	November 28, 2023
360 Javascript Viewer <= 1.7.11 - Missing Authorization	CVE-2023-48779	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	November 28, 2023
Mail Bank - #1 Mail SMTP Plugin for WordPress <= 4.0.14 - Missing Authorization	CVE-2023-48332	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 23, 2023
Easy Social Feed <= 6.5.1 - Missing Authorization via hide_free_sidebar()	CVE-2023-48740	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 23, 2023
Super Progressive Web Apps <= 2.2.21 - Missing Authorization	CVE-2023-48277	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	November 22, 2023
WCMultiShipping <= 2.3.5 - Missing Authorization to Log Export	CVE-2023-48274	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	November 21, 2023
PayTR Taksit Tablosu <= 1.3.1 - Missing Authorization	CVE-2023-47847	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	November 20, 2023
BlossomThemes Email Newsletter <= 2.2.4 - Missing Authorization	CVE-2023-47849	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	November 20, 2023
Analytify Dashboard <= 5.1.1 - Cross-Site Request Forgery	CVE-2023-47841	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	November 20, 2023
wpMandrill <= 1.33 - Missing Authorization via getAjaxStats	CVE-2023-47828	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	November 16, 2023
WP Meta and Date Remover <= 2.3.0 - Cross-Site Request Forgery via updateSettings	CVE-2023-47836	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	November 16, 2023
10WebAnalytics <= 1.2.12 - Missing Authorization via gawd_wd_bp_install_notice_status	CVE-2023-47807	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 16, 2023
Restaurant & Cafe Addon for Elementor <= 1.5.3 - Missing Authorization via multiple AJAX functions	CVE-2023-47826	3.1	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N	November 16, 2023
FormCraft <= 1.2.7 - Missing Authorization via formcraft_nag_update	CVE-2023-47823	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	November 16, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation