Janek Vind

116
All Time Ranking
18
All Time Discoveries

18 Vulnerabilities

Title CVE ID CVSS Vector Date
Wordfence Security – Firewall & Malware Scan <= 7.1.13 - Reflected Cross-Site Scripting and Information Disclosure 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N October 2, 2018
Breadcrumb NavXT <= 6.1.0 - Sensitive Data Exposure 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N September 26, 2018
FV Flowplayer Video Player <= 7.2.0.727 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N September 21, 2018
Album and Image Gallery with Lightbox – Flagallery Photo Portfolio < 2.53 - Sensitive Information Disclosure 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N December 24, 2012
Album and Image Gallery with Lightbox – Flagallery Photo Portfolio <= 2.00 - SQL Injection 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H December 24, 2012
Album and Image Gallery with Lightbox – Flagallery Photo Portfolio <= 2.00 - SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H December 24, 2012
Album and Image Gallery with Lightbox – Flagallery Photo Portfolio <= 2.00 - Arbitrary File Modification 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N December 24, 2012
Album and Image Gallery with Lightbox – Flagallery Photo Portfolio < 3.1.0 - Arbitrary File Deletion 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H December 24, 2012
Album and Image Gallery with Lightbox – Flagallery Photo Portfolio < 2.53 - SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H December 24, 2012
FoxyPress <= 0.4.2.6 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 30, 2012
FoxyPress <= 0.4.9 - SQL Injection 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 30, 2012
FoxyPress <= 0.4.9 - Cross-Site Request Forgery 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H October 30, 2012
FoxyPress <= 0.4.2.7 - Open Redirect 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 30, 2012
FoxyPress < 0.4.2.6 - Arbitrary File Upload 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 30, 2012
Slideshow < 2.1.13 - Cross-Site Scripting and Sensitive Information Disclosure 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 17, 2012
Social Discussions <= 6.1.1 - Remote File Inclusion and Full Path Disclosure 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 17, 2012
Uploadify Integration <= 0.9.7 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 6, 2012
WordPress Core <= 2.3 - Cross-Site Scripting CVE-2007-5710 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 26, 2007

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation