🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Ankur Bakre

Ankur Bakre

302

All Time Ranking

All Time Discoveries

6 Vulnerabilities

WP-CRM – Customer Relations Management for WordPress <= 1.2.1 - CSV injection

7.2

CVE-2022-1202

May 18, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

th23 Social <= 1.2.0 - Stored Cross-Site Scripting

5.5

CVE-2022-1062

Apr 19, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Bulk Edit and Create User Profiles – WP Sheet Editor <= 1.5.13 - Cross-Site Scripting

5.5

CVE-2022-1089

Apr 19, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Page Security & Membership <= 1.5.15 - Authenticated (Admin+) Stored Cross-Site Scripting

5.5

CVE-2022-1088

Apr 11, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Thank Me Later <= 3.3.4 - Admin+ Stored Cross-Site Scripting

5.5

CVE-2022-1063

Apr 9, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

amr users <= 4.59.3 - Admin+ Stored Cross-Site Scripting

5.5

CVE-2022-1094

Apr 4, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
WP-CRM – Customer Relations Management for WordPress <= 1.2.1 - CSV injection	CVE-2022-1202	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 18, 2022
th23 Social <= 1.2.0 - Stored Cross-Site Scripting	CVE-2022-1062	5.5	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N	April 19, 2022
Bulk Edit and Create User Profiles – WP Sheet Editor <= 1.5.13 - Cross-Site Scripting	CVE-2022-1089	5.5	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N	April 19, 2022
Page Security & Membership <= 1.5.15 - Authenticated (Admin+) Stored Cross-Site Scripting	CVE-2022-1088	5.5	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N	April 11, 2022
Thank Me Later <= 3.3.4 - Admin+ Stored Cross-Site Scripting	CVE-2022-1063	5.5	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N	April 9, 2022
amr users <= 4.59.3 - Admin+ Stored Cross-Site Scripting	CVE-2022-1094	5.5	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N	April 4, 2022

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation