🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Abdi Pranata

Abdi Pranata

All Time Ranking

266

All Time Discoveries

Showing 41-60 of 266 Vulnerabilities

MailerLite – WooCommerce integration <= 2.0.8 - Missing Authorization via Multiple Functions

4.3

CVE-2023-52227

Jan 8, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Quiz Maker <= 6.5.1.1 - Missing Authorization

4.3

CVE-2024-21743

Jan 5, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

WooCommerce Conversion Tracking <= 2.0.11 - Missing Authorization

4.3

CVE-2023-52217

Jan 3, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Slider by Soliloquy <= 2.7.2 - Missing Authorization

4.3

CVE-2023-51519

Dec 27, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

WooCommerce Easy Duplicate Product <= 0.3.0.7 - Missing Authorization via wedp_duplicate_product_action

4.3

CVE-2023-51523

Dec 27, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

BulkGate SMS Plugin for WooCommerce <= 3.0.2 - Missing Authorization via Multiple AJAX Actions

4.3

CVE-2023-51679

Dec 27, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Sirv <= 7.1.2 - Missing Authorization via sirv_disconnect

4.3

CVE-2023-50898

Dec 26, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Product Filter by WBW <= 2.5.0 - Missing Authorization via getListForTbl

4.3

CVE-2023-50877

Dec 26, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Social Media Feather <= 2.1.3 - Missing Authorization

4.3

CVE-2023-49861

Dec 7, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Responsive Slick Slider WordPress <= 1.4 - Authenticated (Contributor+) Content Injection

4.3

CVE-2023-49852

Dec 7, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Elementor Timeline Widget <= 2.2 - Missing Authorization to Notice Dismissal

4.3

CVE-2023-49755

Dec 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

WP Booking System <= 2.0.19.2 - Missing Authorization

4.3

CVE-2023-49758

Dec 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Eventin <= 3.3.52 - Missing Authorization

4.3

CVE-2023-49756

Dec 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Quotes for WooCommerce <= 2.0.1 - Missing Authorization

4.3

CVE-2023-51680

Nov 30, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

GoDaddy Email Marketing <= 1.4.3 - Missing Authorization

4.3

CVE-2023-49156

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

IdeaPush <= 8.57 - Missing Authorization

4.3

CVE-2023-48774

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Easy Social Feed <= 6.5.1 - Missing Authorization via hide_free_sidebar()

4.3

CVE-2023-48740

Nov 23, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Mail Bank - #1 Mail SMTP Plugin for WordPress <= 4.0.14 - Missing Authorization

4.3

CVE-2023-48332

Nov 23, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

WCMultiShipping <= 2.3.5 - Missing Authorization to Log Export

4.3

CVE-2023-48274

Nov 21, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Analytify Dashboard <= 5.1.1 - Cross-Site Request Forgery

4.3

CVE-2023-47841

Nov 20, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
MailerLite – WooCommerce integration <= 2.0.8 - Missing Authorization via Multiple Functions	CVE-2023-52227	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	January 8, 2024
Quiz Maker <= 6.5.1.1 - Missing Authorization	CVE-2024-21743	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	January 5, 2024
WooCommerce Conversion Tracking <= 2.0.11 - Missing Authorization	CVE-2023-52217	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	January 3, 2024
Slider by Soliloquy <= 2.7.2 - Missing Authorization	CVE-2023-51519	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	December 27, 2023
WooCommerce Easy Duplicate Product <= 0.3.0.7 - Missing Authorization via wedp_duplicate_product_action	CVE-2023-51523	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 27, 2023
BulkGate SMS Plugin for WooCommerce <= 3.0.2 - Missing Authorization via Multiple AJAX Actions	CVE-2023-51679	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 27, 2023
Sirv <= 7.1.2 - Missing Authorization via sirv_disconnect	CVE-2023-50898	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 26, 2023
Product Filter by WBW <= 2.5.0 - Missing Authorization via getListForTbl	CVE-2023-50877	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	December 26, 2023
Social Media Feather <= 2.1.3 - Missing Authorization	CVE-2023-49861	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 7, 2023
Responsive Slick Slider WordPress <= 1.4 - Authenticated (Contributor+) Content Injection	CVE-2023-49852	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 7, 2023
Elementor Timeline Widget <= 2.2 - Missing Authorization to Notice Dismissal	CVE-2023-49755	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 4, 2023
WP Booking System <= 2.0.19.2 - Missing Authorization	CVE-2023-49758	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 4, 2023
Eventin <= 3.3.52 - Missing Authorization	CVE-2023-49756	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 4, 2023
Quotes for WooCommerce <= 2.0.1 - Missing Authorization	CVE-2023-51680	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 30, 2023
GoDaddy Email Marketing <= 1.4.3 - Missing Authorization	CVE-2023-49156	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	November 28, 2023
IdeaPush <= 8.57 - Missing Authorization	CVE-2023-48774	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 28, 2023
Easy Social Feed <= 6.5.1 - Missing Authorization via hide_free_sidebar()	CVE-2023-48740	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 23, 2023
Mail Bank - #1 Mail SMTP Plugin for WordPress <= 4.0.14 - Missing Authorization	CVE-2023-48332	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 23, 2023
WCMultiShipping <= 2.3.5 - Missing Authorization to Log Export	CVE-2023-48274	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	November 21, 2023
Analytify Dashboard <= 5.1.1 - Cross-Site Request Forgery	CVE-2023-47841	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	November 20, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation