🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Cyber Security Works Pvt. Ltd

Cyber Security Works Pvt. Ltd

266

All Time Ranking

All Time Discoveries

7 Vulnerabilities

WordPress Country Selector <= 1.6.5 - Reflected Cross-Site Scripting via AJAX call of check_country_selector

6.1

CVE-2022-28290

Mar 30, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Customize Login Image <= 3.4 - Cross-Site Scripting

5.4

CVE-2021-33851

Dec 2, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Microsoft Clarity <= 0.3 - Authenticated Stored Cross-Site Scripting

5.4

CVE-2021-33850

Oct 18, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Zoho CRM Lead Magnet <= 1.7.2.4 - Cross-Site Scripting

6.4

CVE-2021-33849

Sep 1, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

GreenMart – Organic & Food WooCommerce WordPress Theme < 2.4.3 - Reflected Cross-Site Scripting

6.1

CVE-2020-16140

Jul 17, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Crony Cronjob Manager < 0.4.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting

8.8

CVE-2017-14530

Oct 27, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

PowerPress <= 6.0.4 - Reflected Cross-Site Scripting

6.1

CVE-2015-9410

Sep 14, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
WordPress Country Selector <= 1.6.5 - Reflected Cross-Site Scripting via AJAX call of check_country_selector	CVE-2022-28290	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	March 30, 2022
Customize Login Image <= 3.4 - Cross-Site Scripting	CVE-2021-33851	5.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N	December 2, 2021
Microsoft Clarity <= 0.3 - Authenticated Stored Cross-Site Scripting	CVE-2021-33850	5.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N	October 18, 2021
Zoho CRM Lead Magnet <= 1.7.2.4 - Cross-Site Scripting	CVE-2021-33849	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	September 1, 2021
GreenMart – Organic & Food WooCommerce WordPress Theme < 2.4.3 - Reflected Cross-Site Scripting	CVE-2020-16140	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	July 17, 2020
Crony Cronjob Manager < 0.4.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting	CVE-2017-14530	8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	October 27, 2015
PowerPress <= 6.0.4 - Reflected Cross-Site Scripting	CVE-2015-9410	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	September 14, 2015

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation