Anant Shrivastava (anantshri)

46
All Time Ranking
68
All Time Discoveries

Showing 1-20 of 68 Vulnerabilities

Title CVE ID CVSS Vector Date
WP Rss Poster <= 1.0.0 - SQL Injection CVE-2014-4938 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 28, 2014
HDW Player Plugin (Video Player & Video Gallery) <= 2.4.2 - Authenticated (Admin+) SQL Injection CVE-2014-5180 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H May 28, 2014
Portable phpMyAdmin <= 1.5.0 - Authentication Bypass CVE-2013-4462 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N October 24, 2013
Simple Retail Menus <= 4.0.1 - SQL Injection CVE-2014-5183 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H May 28, 2015
YAWPP (Yet Another WordPress Petition Plugin) <= 1.2.1 - Authenticated SQL Injection CVE-2014-5182 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H May 28, 2014
Quartz <= 1.01.1 - SQL Injection CVE-2014-5185 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H May 28, 2014
All in One Social Lite <= 1.0 - Server-Side Request Forgery 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L May 28, 2014
WP AmASIN – The Amazon Affiliate Shop <= 0.9.6 - Local File Inclusion CVE-2014-4577 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N August 1, 2014
Cross-RSS <= 1.7 - Path Traversal CVE-2014-4941 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N May 29, 2014
Tera Charts < 1.0 - Directory Traversal CVE-2014-4940 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N May 28, 2014
BookX <= 1.7 - Path Traversal CVE-2014-4937 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N May 28, 2014
Ultimate Product Catalog < 2.1.1 - Authenticated (Admin+) SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 28, 2014
stripShow Plugin <= 2.5.2 - SQL Injection CVE-2014-5184 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 28, 2014
ENL Newsletter <= 1.0.1 - Authenticated (Admin+) SQL Injection CVE-2014-4939 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 28, 2014
All Video Gallery Plugin for WordPress <= 1.2 - Authenticated SQL Injection CVE-2014-5186 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 28, 2014
Yahoo Updates For WordPress <= 1.0 - Cross-Site Scripting CVE-2014-4603 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L July 4, 2014
WP Microblogs <= 0.4.0 - Cross-Site Scripting CVE-2014-4590 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L June 12, 2014
wp-tmkm-amazon < 1.5.3 - Cross-Site Scripting CVE-2014-4598 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L June 12, 2014
Walk Score Plugin <= 0.5.5 - Cross-Site Scripting CVE-2014-4573 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L June 12, 2014
WP App Maker <= 1.0.16.4 - Reflected Cross-Site Scripting CVE-2014-4578 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N August 1, 2014

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation