🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Jerome Bruandet

Jerome Bruandet

Organization: NinTechNet

All Time Ranking

212

All Time Discoveries

Showing 181-200 of 212 Vulnerabilities

Defender Security <= 2.4.6 - Cross-Site Request Forgery Bypass

4.3

CVE-2021-4425

Mar 1, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WP Quick FrontEnd Editor <= 5.5 - Authenticated Settings Change

4.3

CVE-2021-4371

Jan 12, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.6.3 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36735

Sep 26, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce <= 1.5.15 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36736

Sep 26, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Hueman <= 3.6.3 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36753

Sep 26, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Customizr <= 4.3.0 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36755

Sep 26, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Ocean Extra <=1.6.5 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36760

Sep 26, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Import / Export Customizer Settings <= 1.0.3 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36737

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Cool Timeline (Horizontal & Vertical Timeline) <= 2.0.2 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36738

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Feed Them Social – Page, Post, Video, and Photo Galleries <= 2.8.6 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36739

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Radio Buttons for Taxonomies <= 2.0.5 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36740

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

MultiVendorX – MultiVendor Marketplace Solution For WooCommerce <= 3.5.7 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36741

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Custom Field Template <= 2.5.1 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36742

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Product Catalog Simple <= 1.5.13 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36743

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

NotificationX <= 1.8.2 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36744

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WP Project Manager <= 2.4.0 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36745

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Menu Swapper <= 1.1.0.2 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36746

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Lightweight Sidebar Manager <= 1.1.4 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36747

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Dokan <= 3.0.8 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36748

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Easy Testimonials <= 3.6.1 - Cross-Site Request Forgery Bypass

4.3

CVE-2020-36749

Sep 16, 2020

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
Defender Security <= 2.4.6 - Cross-Site Request Forgery Bypass	CVE-2021-4425	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	March 1, 2021
WP Quick FrontEnd Editor <= 5.5 - Authenticated Settings Change	CVE-2021-4371	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	January 12, 2021
WP ERP \| Complete HR solution with recruitment & job listings \| WooCommerce CRM & Accounting <= 1.6.3 - Cross-Site Request Forgery Bypass	CVE-2020-36735	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 26, 2020
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce <= 1.5.15 - Cross-Site Request Forgery Bypass	CVE-2020-36736	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 26, 2020
Hueman <= 3.6.3 - Cross-Site Request Forgery Bypass	CVE-2020-36753	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 26, 2020
Customizr <= 4.3.0 - Cross-Site Request Forgery Bypass	CVE-2020-36755	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 26, 2020
Ocean Extra <=1.6.5 - Cross-Site Request Forgery Bypass	CVE-2020-36760	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 26, 2020
Import / Export Customizer Settings <= 1.0.3 - Cross-Site Request Forgery Bypass	CVE-2020-36737	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Cool Timeline (Horizontal & Vertical Timeline) <= 2.0.2 - Cross-Site Request Forgery Bypass	CVE-2020-36738	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Feed Them Social – Page, Post, Video, and Photo Galleries <= 2.8.6 - Cross-Site Request Forgery Bypass	CVE-2020-36739	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Radio Buttons for Taxonomies <= 2.0.5 - Cross-Site Request Forgery Bypass	CVE-2020-36740	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
MultiVendorX – MultiVendor Marketplace Solution For WooCommerce <= 3.5.7 - Cross-Site Request Forgery Bypass	CVE-2020-36741	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Custom Field Template <= 2.5.1 - Cross-Site Request Forgery Bypass	CVE-2020-36742	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Product Catalog Simple <= 1.5.13 - Cross-Site Request Forgery Bypass	CVE-2020-36743	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
NotificationX <= 1.8.2 - Cross-Site Request Forgery Bypass	CVE-2020-36744	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
WP Project Manager <= 2.4.0 - Cross-Site Request Forgery Bypass	CVE-2020-36745	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Menu Swapper <= 1.1.0.2 - Cross-Site Request Forgery Bypass	CVE-2020-36746	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Lightweight Sidebar Manager <= 1.1.4 - Cross-Site Request Forgery Bypass	CVE-2020-36747	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Dokan <= 3.0.8 - Cross-Site Request Forgery Bypass	CVE-2020-36748	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020
Easy Testimonials <= 3.6.1 - Cross-Site Request Forgery Bypass	CVE-2020-36749	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 16, 2020

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation