Fariq Fadillah Gusti Insani

Wordfence Intelligence   >   Vulnerability Researchers   >   Fariq Fadillah Gusti Insani

Vulnerabilities Discovered:

9
All Time Discoveries
0
Discoveries since Aug 29, 2023

9 vulnerabilities

WPSchoolPress <= 2.2.3 - Missing Authorization
5.4
CVE-2023-37887
Jul 11, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
JS Help Desk – Best Help Desk & Support Plugin <= 2.7.7 - Authenticated (Subscriber+) Insecure Direct Object Reference
6.3
CVE-2023-23679
Jun 20, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Stamped.io Product Reviews & UGC for WooCommerce <= 2.3.2 - Missing Authorization
6.5
CVE-2023-30479
Apr 13, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
JS Job Manager <= 2.0.0 - Missing Authorization
6.5
CVE-2023-28689
Mar 21, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
WP Job Portal <= 2.0.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
6.4
CVE-2023-28534
Mar 17, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
JS Job Manager <= 2.0.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via title
6.4
CVE-2023-25963
Feb 21, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
JobBoardWP <= 1.2.2 - Missing Authorization to Job Posting Manipulation
6.5
CVE-2023-23715
Jan 25, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Yoast SEO <= 17.2 - Full Path Disclosure
5.3
CVE-2021-25118
Oct 5, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
15Zine | Magazine Newspaper Blog News WordPress Theme < 3.3.0 - Reflected Cross-Site Scripting
6.1
CVE-2020-36510
Sep 21, 2020
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
WPSchoolPress <= 2.2.3 - Missing Authorization CVE-2023-37887 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N July 11, 2023
JS Help Desk – Best Help Desk & Support Plugin <= 2.7.7 - Authenticated (Subscriber+) Insecure Direct Object Reference CVE-2023-23679 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L June 20, 2023
Stamped.io Product Reviews & UGC for WooCommerce <= 2.3.2 - Missing Authorization CVE-2023-30479 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N April 13, 2023
JS Job Manager <= 2.0.0 - Missing Authorization CVE-2023-28689 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N March 21, 2023
WP Job Portal <= 2.0.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting CVE-2023-28534 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N March 17, 2023
JS Job Manager <= 2.0.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via title CVE-2023-25963 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 21, 2023
JobBoardWP <= 1.2.2 - Missing Authorization to Job Posting Manipulation CVE-2023-23715 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L January 25, 2023
Yoast SEO <= 17.2 - Full Path Disclosure CVE-2021-25118 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N October 5, 2021
15Zine | Magazine Newspaper Blog News WordPress Theme < 3.3.0 - Reflected Cross-Site Scripting CVE-2020-36510 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N September 21, 2020

Share this researcher's vulnerability discoveries

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation