🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Hassan Khan Yusufzai

Hassan Khan Yusufzai

209

All Time Ranking

All Time Discoveries

9 Vulnerabilities

WP Go Maps (formerly WP Google Maps) <= 9.0.34 - Information Exposure to Potential Denial of Service

5.3

CVE-2023-6777

Mar 18, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

StaffList <= 3.1.2 - Authenticated SQL Injection

7.2

CVE-2022-1556

May 2, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Curtain <= 1.0.2 - Authenticated (Admin+) Stored Cross-Site Scripting

5.5

CVE-2022-1558

Apr 27, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Admin Word Count Column <= 2.2 - Unauthenticated Arbitrary File Read

6.5

CVE-2022-1390

Apr 20, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

ULeak Security & Monitoring Plugin <= 1.2.3 - Stored Cross-Site Scripting

6.4

CVE-2022-1557

Mar 31, 2022

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Clipr <= 1.2.3 - Admin+ Stored Cross-Site Scripting

5.9

CVE-2022-1559

Mar 30, 2022

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

Videos sync PDF <= 1.7.4 - Unauthenticated Local File Inclusion

9.8

CVE-2022-1392

Mar 30, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Admin Word Count Column <= 2.2 - Arbitrary File Read

9.8

CVE ID Unknown

Mar 27, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Amministrazione Aperta <= 3.7.3 - Admin+ Local File Inclusion

5.4

CVE-2022-1560

Mar 23, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
WP Go Maps (formerly WP Google Maps) <= 9.0.34 - Information Exposure to Potential Denial of Service	CVE-2023-6777	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L	March 18, 2024
StaffList <= 3.1.2 - Authenticated SQL Injection	CVE-2022-1556	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 2, 2022
Curtain <= 1.0.2 - Authenticated (Admin+) Stored Cross-Site Scripting	CVE-2022-1558	5.5	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N	April 27, 2022
Admin Word Count Column <= 2.2 - Unauthenticated Arbitrary File Read	CVE-2022-1390	6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N	April 20, 2022
ULeak Security & Monitoring Plugin <= 1.2.3 - Stored Cross-Site Scripting	CVE-2022-1557	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	March 31, 2022
Clipr <= 1.2.3 - Admin+ Stored Cross-Site Scripting	CVE-2022-1559	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L	March 30, 2022
Videos sync PDF <= 1.7.4 - Unauthenticated Local File Inclusion	CVE-2022-1392	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 30, 2022
Admin Word Count Column <= 2.2 - Arbitrary File Read		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 27, 2022
Amministrazione Aperta <= 3.7.3 - Admin+ Local File Inclusion	CVE-2022-1560	5.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N	March 23, 2022

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation