Wordfence Intelligence   >   Vulnerability Researchers   >   Joshua Chan

Joshua Chan

31
All Time Ranking
97
All Time Discoveries

About

Penetration Tester, Security Researcher

Showing 81-97 of 97 Vulnerabilities

WP Optin Wheel <= 1.4.2 - Sensitive Information Exposure via Log File
5.3
CVE-2023-51408
Dec 27, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
FastDup <= 2.1.7 - Sensitive Information Exposure via Log File
5.3
CVE-2023-51406
Dec 27, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Defender Security <= 4.1.0 - Sensitive Information Exposure via Log File
5.3
CVE-2023-51490
Dec 27, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Database Cleaner <= 0.9.8 - Sensitive Information Exposure via Log File
5.3
CVE-2023-51508
Dec 27, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CF7 Google Sheets Connector <= 5.0.5 - Unauthenticated Sensitive Information Exposure via Debug Log
7.5
CVE-2023-44989
Nov 30, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
WP Retina 2x <= 6.4.5 - Sensitive Information Exposure
5.3
CVE-2023-44982
Nov 28, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Media File Renamer <= 5.6.9 - Sensitive Information Exposure via Log File
5.3
CVE-2023-44991
Nov 28, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Aruba HiSpeed Cache <= 2.0.6 - Sensitive Information Exposure via Log File
5.3
CVE-2023-44983
Nov 28, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
BigCommerce <= 5.0.7 - Unauthenticated Sensitive Information Exposure
5.3
CVE-2023-49162
Nov 28, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Debug Log Manager <= 2.2.1 - Missing Authorization
4.3
CVE-2023-6136
Nov 23, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Accept Stripe Payments <= 2.0.79 - Unauthenticated Content Injection
5.3
CVE-2023-48285
Nov 23, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Accept Stripe Payments <= 2.0.79 - Insecure Direct Object Reference
5.3
CVE-2023-48286
Nov 23, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Cloud Templates & Patterns collection <= 1.2.2 - Sensitive Information Exposure via Log File
5.3
CVE-2023-47529
Nov 7, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Restrict Content <= 3.2.7 - Information Exposure via legacy log file
5.3
CVE-2023-47668
Nov 6, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
404 Solution <= 2.33.0 - Sensitive Information Exposure
5.3
CVE ID Unknown
Oct 16, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Image Regenerate & Select Crop <= 7.3.0 - Sensitive Information Exposure
5.3
CVE-2023-46820
Oct 9, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ProfilePress <= 4.13.2 - Information Disclosure via Debug Log
5.3
CVE-2023-44150
Oct 2, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Title CVE ID CVSS Vector Date
WP Optin Wheel <= 1.4.2 - Sensitive Information Exposure via Log File CVE-2023-51408 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N December 27, 2023
FastDup <= 2.1.7 - Sensitive Information Exposure via Log File CVE-2023-51406 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N December 27, 2023
Defender Security <= 4.1.0 - Sensitive Information Exposure via Log File CVE-2023-51490 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N December 27, 2023
Database Cleaner <= 0.9.8 - Sensitive Information Exposure via Log File CVE-2023-51508 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N December 27, 2023
CF7 Google Sheets Connector <= 5.0.5 - Unauthenticated Sensitive Information Exposure via Debug Log CVE-2023-44989 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N November 30, 2023
WP Retina 2x <= 6.4.5 - Sensitive Information Exposure CVE-2023-44982 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N November 28, 2023
Media File Renamer <= 5.6.9 - Sensitive Information Exposure via Log File CVE-2023-44991 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N November 28, 2023
Aruba HiSpeed Cache <= 2.0.6 - Sensitive Information Exposure via Log File CVE-2023-44983 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N November 28, 2023
BigCommerce <= 5.0.7 - Unauthenticated Sensitive Information Exposure CVE-2023-49162 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N November 28, 2023
Debug Log Manager <= 2.2.1 - Missing Authorization CVE-2023-6136 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L November 23, 2023
Accept Stripe Payments <= 2.0.79 - Unauthenticated Content Injection CVE-2023-48285 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N November 23, 2023
Accept Stripe Payments <= 2.0.79 - Insecure Direct Object Reference CVE-2023-48286 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N November 23, 2023
Cloud Templates & Patterns collection <= 1.2.2 - Sensitive Information Exposure via Log File CVE-2023-47529 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N November 7, 2023
Restrict Content <= 3.2.7 - Information Exposure via legacy log file CVE-2023-47668 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N November 6, 2023
404 Solution <= 2.33.0 - Sensitive Information Exposure 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N October 16, 2023
Image Regenerate & Select Crop <= 7.3.0 - Sensitive Information Exposure CVE-2023-46820 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N October 9, 2023
ProfilePress <= 4.13.2 - Information Disclosure via Debug Log CVE-2023-44150 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N October 2, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation