🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Anant Shrivastava (anantshri)

Anant Shrivastava (anantshri)

All Time Ranking

All Time Discoveries

Showing 41-60 of 68 Vulnerabilities

Walk Score Plugin <= 0.5.5 - Cross-Site Scripting

7.1

CVE-2014-4573

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

VideoWhisper Video Presentation <= 3.25 - Reflected Cross-Site Scripting

6.1

CVE-2014-4570

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Appointments Scheduler <= 1.5 - Cross-Site Scripting

6.1

CVE-2014-4579

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP Facethumb <= 1.0 - Cross-Site Scripting

6.1

CVE-2014-4585

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP Restful <= 0.1 - Multiple Cross-Site Scripting

6.1

CVE-2014-4595

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Ruven Toolkit <= 2.0 - Reflected Cross-Site Scripting

6.1

CVE-2014-4548

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Video Posts Webcam Recorder <= 1.55.4 - Reflected Cross-Site Scripting

6.1

CVE-2014-4568

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP Consultant <= 1.0 - Reflected Cross-Site Scripting

6.1

CVE-2014-4582

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

wp-football <= 1.1 - Cross-Site Scripting

6.1

CVE-2014-4586

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WikiPop <= 2.0 - Cross-Site Scripting

6.1

CVE-2014-4575

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP-Picasa-Image <= 1.0 - Reflected Cross-Site Scripting

6.1

CVE-2014-4591

Jun 12, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Cross-RSS <= 1.7 - Path Traversal

7.5

CVE-2014-4941

May 29, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

ZdStatistics <= 2.0.1 - Cross-Site Scripting

6.1

CVE-2014-4605

May 28, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

All Video Gallery Plugin for WordPress <= 1.2 - Authenticated SQL Injection

7.2

CVE-2014-5186

May 28, 2014

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Ultimate Product Catalog < 2.1.1 - Authenticated (Admin+) SQL Injection

7.2

CVE ID Unknown

May 28, 2014

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

HDW Player Plugin (Video Player & Video Gallery) <= 2.4.2 - Authenticated (Admin+) SQL Injection

9.1

CVE-2014-5180

May 28, 2014

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

zeList <= 0.5.11.07 - Cross-Site Scripting

6.1

CVE ID Unknown

May 28, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

All in One Social Lite <= 1.0 - Server-Side Request Forgery

8.3

CVE ID Unknown

May 28, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

ENL Newsletter <= 1.0.1 - Authenticated (Admin+) SQL Injection

7.2

CVE-2014-4939

May 28, 2014

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EasyCart <= 2.0.5 - Sensitive Information Disclosure

5.3

CVE-2014-4942

May 28, 2014

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Title	CVE ID	CVSS	Vector	Date
Walk Score Plugin <= 0.5.5 - Cross-Site Scripting	CVE-2014-4573	7.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L	June 12, 2014
VideoWhisper Video Presentation <= 3.25 - Reflected Cross-Site Scripting	CVE-2014-4570	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
Appointments Scheduler <= 1.5 - Cross-Site Scripting	CVE-2014-4579	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
WP Facethumb <= 1.0 - Cross-Site Scripting	CVE-2014-4585	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
WP Restful <= 0.1 - Multiple Cross-Site Scripting	CVE-2014-4595	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
Ruven Toolkit <= 2.0 - Reflected Cross-Site Scripting	CVE-2014-4548	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
Video Posts Webcam Recorder <= 1.55.4 - Reflected Cross-Site Scripting	CVE-2014-4568	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
WP Consultant <= 1.0 - Reflected Cross-Site Scripting	CVE-2014-4582	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
wp-football <= 1.1 - Cross-Site Scripting	CVE-2014-4586	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
WikiPop <= 2.0 - Cross-Site Scripting	CVE-2014-4575	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
WP-Picasa-Image <= 1.0 - Reflected Cross-Site Scripting	CVE-2014-4591	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 12, 2014
Cross-RSS <= 1.7 - Path Traversal	CVE-2014-4941	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	May 29, 2014
ZdStatistics <= 2.0.1 - Cross-Site Scripting	CVE-2014-4605	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 28, 2014
All Video Gallery Plugin for WordPress <= 1.2 - Authenticated SQL Injection	CVE-2014-5186	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 28, 2014
Ultimate Product Catalog < 2.1.1 - Authenticated (Admin+) SQL Injection		7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 28, 2014
HDW Player Plugin (Video Player & Video Gallery) <= 2.4.2 - Authenticated (Admin+) SQL Injection	CVE-2014-5180	9.1	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H	May 28, 2014
zeList <= 0.5.11.07 - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 28, 2014
All in One Social Lite <= 1.0 - Server-Side Request Forgery		8.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L	May 28, 2014
ENL Newsletter <= 1.0.1 - Authenticated (Admin+) SQL Injection	CVE-2014-4939	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 28, 2014
EasyCart <= 2.0.5 - Sensitive Information Disclosure	CVE-2014-4942	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	May 28, 2014

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation