🔎 Have you found a vulnerability in a WordPress plugin or theme? Report vulnerabilities in WordPress plugins and themes through our bug bounty program and earn a bounty on all in-scope submissions, while we handle the responsible disclosure process on your behalf.

Wordfence Intelligence > Vulnerability Researchers > Dhabaleshwar Das

Dhabaleshwar Das

All Time Ranking

198

All Time Discoveries

Showing 1-20 of 198 Vulnerabilities

Arconix Shortcodes <= 2.1.11 - Missing Authorization

5.3

CVE-2024-38769

Jul 19, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Arconix FAQ <= 1.9.4 - Missing Authorization

5.3

CVE-2024-38783

Jul 19, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

4.3

CVE-2024-38763

Jul 12, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Oceanic <= 1.0.48 - Cross-Site Request Forgery

4.3

CVE-2024-38765

Jul 12, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Matomo Analytics <= 5.1.0 - Cross-Site Request Forgery to Notice Dismissal

4.3

CVE-2024-38766

Jul 12, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

i-transform <= 3.0.9 - Cross-Site Request Forgery

4.3

CVE-2024-38764

Jul 12, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Patricia Blog <= 1.2 - Cross-Site Request Forgery

4.3

CVE-2024-38732

Jul 11, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

i-amaze <= 1.3.7 - Cross-Site Request Forgery

4.3

CVE-2024-38731

Jul 11, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Product Delivery Date for WooCommerce – Lite <= 2.7.2 - Missing Authorization

5.3

CVE-2024-38702

Jul 11, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Packlink PRO shipping module <= 3.4.8 - Missing Authorization

4.3

CVE-2024-38740

Jul 11, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EleForms <= 2.9.9.9 - Missing Authorization

5.3

CVE-2024-38748

Jul 11, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Internal Link Juicer: SEO Auto Linker for WordPress <= 2.24.3 - Cross-Site Request Forgery

4.3

CVE-2024-37941

Jul 9, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Patricia Lite <= 1.2.3 - Cross-Site Request Forgery

4.3

CVE-2024-37939

Jul 9, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Point <= 1.1 - Cross-Site Request Forgery

4.3

CVE-2024-37931

Jul 9, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

SociallyViral <= 1.0.10 - Cross-Site Request Forgery

4.3

CVE-2024-37938

Jul 9, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Get Better Reviews for WooCommerce <= 4.0.6 - Missing Authorization

4.3

CVE-2024-37544

Jul 6, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Business One Page <= 1.2.9 - Missing Authorization to Notice Dismissal

4.3

CVE-2024-37505

Jul 5, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Lawyer Landing Page <= 1.2.4 - Cross-Site Request Forgery to Notice Dismissal

4.3

CVE-2024-37503

Jul 5, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Swift Performance Lite <= 2.3.6.20 - Cross-Site Request Forgery

4.3

CVE-2024-37511

Jul 5, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Charitable <= 1.8.1.7 - Missing Authorization via ajax_license_check()

5.3

CVE-2024-37510

Jul 4, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
Arconix Shortcodes <= 2.1.11 - Missing Authorization	CVE-2024-38769	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	July 19, 2024
Arconix FAQ <= 1.9.4 - Missing Authorization	CVE-2024-38783	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	July 19, 2024
Popularis Verse <= 1.0.1 - Cross-Site Request Forgery	CVE-2024-38763	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 12, 2024
Oceanic <= 1.0.48 - Cross-Site Request Forgery	CVE-2024-38765	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 12, 2024
Matomo Analytics <= 5.1.0 - Cross-Site Request Forgery to Notice Dismissal	CVE-2024-38766	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 12, 2024
i-transform <= 3.0.9 - Cross-Site Request Forgery	CVE-2024-38764	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 12, 2024
Patricia Blog <= 1.2 - Cross-Site Request Forgery	CVE-2024-38732	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 11, 2024
i-amaze <= 1.3.7 - Cross-Site Request Forgery	CVE-2024-38731	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 11, 2024
Product Delivery Date for WooCommerce – Lite <= 2.7.2 - Missing Authorization	CVE-2024-38702	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	July 11, 2024
Packlink PRO shipping module <= 3.4.8 - Missing Authorization	CVE-2024-38740	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	July 11, 2024
EleForms <= 2.9.9.9 - Missing Authorization	CVE-2024-38748	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	July 11, 2024
Internal Link Juicer: SEO Auto Linker for WordPress <= 2.24.3 - Cross-Site Request Forgery	CVE-2024-37941	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 9, 2024
Patricia Lite <= 1.2.3 - Cross-Site Request Forgery	CVE-2024-37939	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 9, 2024
Point <= 1.1 - Cross-Site Request Forgery	CVE-2024-37931	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 9, 2024
SociallyViral <= 1.0.10 - Cross-Site Request Forgery	CVE-2024-37938	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 9, 2024
Get Better Reviews for WooCommerce <= 4.0.6 - Missing Authorization	CVE-2024-37544	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	July 6, 2024
Business One Page <= 1.2.9 - Missing Authorization to Notice Dismissal	CVE-2024-37505	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	July 5, 2024
Lawyer Landing Page <= 1.2.4 - Cross-Site Request Forgery to Notice Dismissal	CVE-2024-37503	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 5, 2024
Swift Performance Lite <= 2.3.6.20 - Cross-Site Request Forgery	CVE-2024-37511	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 5, 2024
Charitable <= 1.8.1.7 - Missing Authorization via ajax_license_check()	CVE-2024-37510	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	July 4, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation