Wordfence Intelligence   >   Vulnerability Researchers   >   Dmitrii Ignatyev

Dmitrii Ignatyev

Organization: CleanTalk Inc

22
All Time Ranking
139
All Time Discoveries

About

As a pentester, I possess a diverse range of skills that allow me to effectively assess and secure digital systems. My experience includes conducting audits of information systems, web applications, and network infrastructure and access points. I also have a strong background in moderating and promoting bug bounty platforms, helping to create a more secure online environment.

Showing 1-20 of 139 Vulnerabilities

Category Posts Widget <= 4.9.16 & Pro < 4.9.13 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2024-6158
Jul 19, 2024
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Page Builder Gutenberg Blocks – CoBlocks <= 3.1.11 - Authenticated (Contributor+) Server-Side Request Forgery
4.3
CVE-2024-4260
Jul 2, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Authenticated (Author+) Arbitrary File Upload
8.8
CVE-2024-5630
Jun 24, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ditty – Responsive News Tickers, Sliders, and Lists <= 3.1.42 - Authenticated (Author+) Stored Cross-Site Scripting
6.4
CVE-2024-5575
Jun 22, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
WordPress Button Plugin MaxButtons <= 9.7.7 - Authenticated (Editor+) Stored Cross-Site Scripting
5.5
CVE-2024-3026
Jun 22, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Image Photo Gallery Final Tiles Grid <= 2.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-3710
Jun 22, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Shortcodes Ultimate Pro <= 7.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-4217
Jun 22, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Social Media Widget <= 4.0.8 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2024-0974
Jun 21, 2024
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Inline Related Posts <= 3.6.0 - Reflected Cross-Site Scripting
6.1
CVE-2024-5626
Jun 21, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Ultimate Blocks – WordPress Blocks Plugin <= 3.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-4655
Jun 20, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Quiz and Survey Master <= 9.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-6025
Jun 20, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Slider by 10Web <= 1.2.55 - Authenticated (Editor+) Stored Cross-Site Scripting
5.5
CVE-2024-6026
Jun 20, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Easy Table of Contents <= 2.0.67 - Authenticated (Editor+) Stored Cross-Site Scripting
4.4
CVE-2024-6334
Jun 18, 2024
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Business Directory Plugin <= 6.4.3 - Authenticated (Author+) CSV Injection
7.4
CVE-2023-5527
Jun 17, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Rank Math SEO <= 1.0.218 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2024-4627
Jun 11, 2024
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.25 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2024-6130
Jun 10, 2024
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
H5P <= 1.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-3111
Jun 6, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Easy Table of Contents <= 2.0.65 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2024-5573
Jun 5, 2024
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
SEOPress <= 7.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-4899
Jun 3, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
SEOPress <= 7.7.2 - Authenticated (Contributor+) Open Redirect
6.4
CVE-2024-4900
Jun 3, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Category Posts Widget <= 4.9.16 & Pro < 4.9.13 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2024-6158 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N July 19, 2024
Page Builder Gutenberg Blocks – CoBlocks <= 3.1.11 - Authenticated (Contributor+) Server-Side Request Forgery CVE-2024-4260 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N July 2, 2024
Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Authenticated (Author+) Arbitrary File Upload CVE-2024-5630 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 24, 2024
Ditty – Responsive News Tickers, Sliders, and Lists <= 3.1.42 - Authenticated (Author+) Stored Cross-Site Scripting CVE-2024-5575 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 22, 2024
WordPress Button Plugin MaxButtons <= 9.7.7 - Authenticated (Editor+) Stored Cross-Site Scripting CVE-2024-3026 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N June 22, 2024
Image Photo Gallery Final Tiles Grid <= 2.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-3710 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 22, 2024
Shortcodes Ultimate Pro <= 7.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-4217 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 22, 2024
Social Media Widget <= 4.0.8 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2024-0974 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 21, 2024
Inline Related Posts <= 3.6.0 - Reflected Cross-Site Scripting CVE-2024-5626 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 21, 2024
Ultimate Blocks – WordPress Blocks Plugin <= 3.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-4655 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 20, 2024
Quiz and Survey Master <= 9.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-6025 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 20, 2024
Slider by 10Web <= 1.2.55 - Authenticated (Editor+) Stored Cross-Site Scripting CVE-2024-6026 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N June 20, 2024
Easy Table of Contents <= 2.0.67 - Authenticated (Editor+) Stored Cross-Site Scripting CVE-2024-6334 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 18, 2024
Business Directory Plugin <= 6.4.3 - Authenticated (Author+) CSV Injection CVE-2023-5527 7.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L June 17, 2024
Rank Math SEO <= 1.0.218 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2024-4627 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 11, 2024
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.25 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2024-6130 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 10, 2024
H5P <= 1.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-3111 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 6, 2024
Easy Table of Contents <= 2.0.65 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2024-5573 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N June 5, 2024
SEOPress <= 7.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-4899 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 3, 2024
SEOPress <= 7.7.2 - Authenticated (Contributor+) Open Redirect CVE-2024-4900 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 3, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation