bl4derunner

158
All Time Ranking
14
All Time Discoveries

14 Vulnerabilities

Title CVE ID CVSS Vector Date
Menu Item Visibility Control <= 0.5 - Authenticated (Admin+) Remote Code Execution CVE-2021-24942 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H November 29, 2022
Rich Reviews by Starfish <= 1.9.5 - SQL Injection CVE-2021-24753 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H November 29, 2021
SEO Booster <= 3.7 - Admin+ SQL Injection CVE-2021-24747 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H November 15, 2021
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin <= 2.2 - Subscriber+ SQL Injection CVE-2021-24755 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H November 1, 2021
Email Before Download <= 6.7 - Admin+ SQL Injection CVE-2021-24748 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H November 1, 2021
Download Monitor <= 4.4.4 - Admin+ SQL Injection via orderby parameter CVE-2021-24786 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 20, 2021
Stream <= 3.8.1 - Admin+ SQL Injection CVE-2021-24772 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 18, 2021
Email Log <= 2.4.6 - Admin+ SQL Injection CVE-2021-24758 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 18, 2021
Header Footer Code Manager <= 1.1.13 - Authenticated SQL Injections CVE-2021-24791 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 11, 2021
Similar Posts <= 3.1.5 - Admin+ Arbitrary PHP Code Execution CVE-2021-24537 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 11, 2021
Permalink Manager Lite <= 2.2.12 - Admin+ SQL Injection CVE-2021-24769 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H September 27, 2021
Check & Log Email <= 1.0.2 - Admin+ SQL Injection via Order and OrderBy parameters CVE-2021-24774 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H September 27, 2021
MainWP Child Reports <= 2.0.7 - Admin+ SQL Injection CVE-2021-24754 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H September 20, 2021
EditorsKit <= 1.31.5 - Authenticated (Contributor+) Code Injection CVE-2021-24546 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H September 13, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation