🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Abdi Pranata

Abdi Pranata

All Time Ranking

250

All Time Discoveries

Showing 61-80 of 250 Vulnerabilities

5.3

CVE-2023-49859

Dec 7, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Shortcoder <= 6.3 - Missing Authorization

5.3

CVE-2023-49849

Dec 6, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Flexible Woocommerce Checkout Field Editor <= 2.0.1 - Missing Authorization

5.3

CVE-2023-49817

Dec 5, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Eventin <= 3.3.52 - Missing Authorization

4.3

CVE-2023-49756

Dec 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Elementor Timeline Widget <= 2.2 - Missing Authorization to Notice Dismissal

4.3

CVE-2023-49755

Dec 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Awesome Support <= 6.1.10 - Missing Authorization

5.4

CVE-2023-49757

Dec 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

WP Booking System <= 2.0.19.2 - Missing Authorization

4.3

CVE-2023-49758

Dec 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Social Pug <= 1.30.0 - Missing Authorization via multiple admin_init actions

5.3

CVE-2023-49193

Dec 1, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Enhanced Text Widget <= 1.6.3 - Missing Authorization via etw_hide_admin_notification_callback

5.3

CVE-2023-49192

Dec 1, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Quotes for WooCommerce <= 2.0.1 - Missing Authorization

4.3

CVE-2023-51680

Nov 30, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Google Calendar Events <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

6.4

CVE-2023-49151

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

WP Catalogue <= 1.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

6.4

CVE-2023-48780

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

SVGator – Add Animated SVG Easily <= 1.2.4 - Cross-Site Request Forgery

7.1

CVE-2023-48766

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L

WP Cleanfix <= 5.6.2 - Missing Authorization via register

7.1

CVE-2023-48775

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

IdeaPush <= 8.57 - Missing Authorization

4.3

CVE-2023-48774

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

GoDaddy Email Marketing <= 1.4.3 - Missing Authorization

4.3

CVE-2023-49156

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Download canvasio3D Light <= 2.5.0 - Missing Authorization

5.4

CVE-2023-48776

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

360 Javascript Viewer <= 1.7.11 - Missing Authorization

5.3

CVE-2023-48779

Nov 28, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Easy Social Feed <= 6.5.1 - Missing Authorization via hide_free_sidebar()

4.3

CVE-2023-48740

Nov 23, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Mail Bank - #1 Mail SMTP Plugin for WordPress <= 4.0.14 - Missing Authorization

4.3

CVE-2023-48332

Nov 23, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
Login With Ajax <= 4.1 - Missing Authorization	CVE-2023-49859	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	December 7, 2023
Shortcoder <= 6.3 - Missing Authorization	CVE-2023-49849	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	December 6, 2023
Flexible Woocommerce Checkout Field Editor <= 2.0.1 - Missing Authorization	CVE-2023-49817	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	December 5, 2023
Eventin <= 3.3.52 - Missing Authorization	CVE-2023-49756	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 4, 2023
Elementor Timeline Widget <= 2.2 - Missing Authorization to Notice Dismissal	CVE-2023-49755	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 4, 2023
Awesome Support <= 6.1.10 - Missing Authorization	CVE-2023-49757	5.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N	December 4, 2023
WP Booking System <= 2.0.19.2 - Missing Authorization	CVE-2023-49758	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	December 4, 2023
Social Pug <= 1.30.0 - Missing Authorization via multiple admin_init actions	CVE-2023-49193	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	December 1, 2023
Enhanced Text Widget <= 1.6.3 - Missing Authorization via etw_hide_admin_notification_callback	CVE-2023-49192	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	December 1, 2023
Quotes for WooCommerce <= 2.0.1 - Missing Authorization	CVE-2023-51680	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 30, 2023
Google Calendar Events <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode	CVE-2023-49151	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	November 28, 2023
WP Catalogue <= 1.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode	CVE-2023-48780	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	November 28, 2023
SVGator – Add Animated SVG Easily <= 1.2.4 - Cross-Site Request Forgery	CVE-2023-48766	7.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L	November 28, 2023
WP Cleanfix <= 5.6.2 - Missing Authorization via register	CVE-2023-48775	7.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N	November 28, 2023
IdeaPush <= 8.57 - Missing Authorization	CVE-2023-48774	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 28, 2023
GoDaddy Email Marketing <= 1.4.3 - Missing Authorization	CVE-2023-49156	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	November 28, 2023
Download canvasio3D Light <= 2.5.0 - Missing Authorization	CVE-2023-48776	5.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N	November 28, 2023
360 Javascript Viewer <= 1.7.11 - Missing Authorization	CVE-2023-48779	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	November 28, 2023
Easy Social Feed <= 6.5.1 - Missing Authorization via hide_free_sidebar()	CVE-2023-48740	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 23, 2023
Mail Bank - #1 Mail SMTP Plugin for WordPress <= 4.0.14 - Missing Authorization	CVE-2023-48332	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	November 23, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation