Wordfence Intelligence   >   Vulnerability Researchers   >   cydave

cydave

32
All Time Ranking
89
All Time Discoveries

Showing 81-89 of 89 Vulnerabilities

SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQL Injection
9.8
CVE-2022-0846
Mar 7, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Church Admin <= 3.4.134 - Cross-Site Request Forgery leading to Plugin Backup Disclosure
4.3
CVE-2022-0833
Mar 7, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
WooCommerce Affiliate Plugin - Coupon Affiliates < 4.16.4.5 - Stored Cross-Site Scripting
7.2
CVE-2022-0818
Mar 2, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Narnoo Distributor <= 2.5.1 - Path Traversal
7.5
CVE-2022-0679
Mar 1, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
BookingPress < 1.0.11 - SQL Injection
9.8
CVE-2022-0739
Feb 28, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Infographic Maker – iList <= 4.3.7 - SQL Injection
9.8
CVE-2022-0747
Feb 28, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Advanced Booking Calendar <= 1.6.9 - Unauthenticated SQL Injection
9.8
CVE-2022-0694
Feb 28, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Simple Link Directory <= 7.7.1 - Unauthenticated SQL Injection
9.8
CVE-2022-0760
Feb 28, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CommonsBooking < 2.6.8 - Unauthenticated SQL Injection
9.8
CVE-2022-0658
Feb 21, 2022
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Title CVE ID CVSS Vector Date
SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQL Injection CVE-2022-0846 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 7, 2022
Church Admin <= 3.4.134 - Cross-Site Request Forgery leading to Plugin Backup Disclosure CVE-2022-0833 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N March 7, 2022
WooCommerce Affiliate Plugin - Coupon Affiliates < 4.16.4.5 - Stored Cross-Site Scripting CVE-2022-0818 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N March 2, 2022
Narnoo Distributor <= 2.5.1 - Path Traversal CVE-2022-0679 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N March 1, 2022
BookingPress < 1.0.11 - SQL Injection CVE-2022-0739 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 28, 2022
Infographic Maker – iList <= 4.3.7 - SQL Injection CVE-2022-0747 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 28, 2022
Advanced Booking Calendar <= 1.6.9 - Unauthenticated SQL Injection CVE-2022-0694 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 28, 2022
Simple Link Directory <= 7.7.1 - Unauthenticated SQL Injection CVE-2022-0760 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 28, 2022
CommonsBooking < 2.6.8 - Unauthenticated SQL Injection CVE-2022-0658 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 21, 2022

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation