🎉Wordfence just launched its bug bounty program. Over the next 6 months, all awarded bounties receive a 10% bonus. Register as a researcher and submit your vulnerabilities today!

As a reminder, the Wordfence Intelligence Vulnerability Database API is completely free to query and utilize, both personally and commercially, and contains all the same vulnerability data as the user interface. Please review the API documentation and Webhook documentation for more information on how to query the vulnerability API endpoints and configure webhooks utilizing all the same data present in the Wordfence Intelligence user interface.

Wordfence Intelligence > Vulnerability Researchers > Claudio Marchesini

Claudio Marchesini (Dottormarc)

Organization: Dottor Marc Cybersecurity

286

All Time Ranking

All Time Discoveries

About

Claudio Marchesini is a cybersecurity specialist with expertise in Difensive Cyber Security. With extensive national and international experience, he serves as CISO of Dottor Marc Srl, a company dedicated to protecting attack surfaces, addressing cybercrime, providing incident response, and offering strategic technology leadership consulting.

5 Vulnerabilities

BSK Contact Form 7 Blacklist <= 1.0.1 - Reflected Cross-Site Scripting

6.1

CVE-2023-5141

Nov 13, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP Discord Invite < 2.5.1 - Cross-Site Request Forgery to Settings Update

5.4

CVE-2023-5006

Nov 7, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Martins Free & Easy SEO BackLink Link Building Network <= 1.2.29 - Reflected Cross-Site Scripting via _wpnonce

6.1

CVE-2023-5641

Nov 6, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Bonus for Woo <= 5.8.2 - Reflected Cross-Site Scripting

6.1

CVE-2023-5140

Oct 27, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Fattura24 <= 6.2.7 - Reflected Cross-Site Scripting via 'id'

6.1

CVE-2023-5211

Oct 9, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
BSK Contact Form 7 Blacklist <= 1.0.1 - Reflected Cross-Site Scripting	CVE-2023-5141	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	November 13, 2023
WP Discord Invite < 2.5.1 - Cross-Site Request Forgery to Settings Update	CVE-2023-5006	5.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L	November 7, 2023
Martins Free & Easy SEO BackLink Link Building Network <= 1.2.29 - Reflected Cross-Site Scripting via _wpnonce	CVE-2023-5641	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	November 6, 2023
Bonus for Woo <= 5.8.2 - Reflected Cross-Site Scripting	CVE-2023-5140	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 27, 2023
Fattura24 <= 6.2.7 - Reflected Cross-Site Scripting via 'id'	CVE-2023-5211	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 9, 2023

Share this researcher's vulnerability discoveries

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation