🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Larry W. Cashdollar

Larry W. Cashdollar

All Time Ranking

135

All Time Discoveries

Showing 61-80 of 135 Vulnerabilities

Contus Video Comments <= 1.0 - Authorization Bypass

5.3

CVE ID Unknown

Jun 15, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

WPSOLR – Elasticsearch and Solr search <= 8.6 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000155

Apr 12, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

S3 Video <= 0.983 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000148

Apr 12, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Page Layout Builder <= 1.9.3 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000141

Apr 12, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Hero Maps Pro <= 2.1.0 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000137

Apr 12, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

MW Font Changer <= 4.2.5 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000142

Apr 12, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Defa Online Image Protector Free Edition <= 3.4 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000129

Apr 12, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Forget About Shortcode Buttons <= 1.1.1 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000133

Feb 29, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Photoxhibit <= 2.1.8 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000144

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AJAX Random Post <= 2.0.0 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000127

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

New Year Firework <= 1.1.9 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000140

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

E-Search <= 1.0 - Reflected Cross-Site Scripting via title_az parameter

6.1

CVE-2016-1000130

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Pondol Form to Mail <= 1.1 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000146

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Heat Trackr < 1.01 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000136

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Admin Font Editor <= 1.7 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000126

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Bulk change of posts terms and post types <= 1.0 - Reflected Cross-Site Scripting

6.1

CVE ID Unknown

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Anti Plagiarism <= 3.60 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000128

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Simplified Content < 1.0.1 - Reflected Cross-Site Scripting

6.1

CVE-2016-1000150

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Recipes Writer <= 1.0.4 - Cross-Site Scripting

6.1

CVE-2016-1000147

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Easy Contact Form Builder < 1.1 - Cross-Site Scripting

6.1

CVE-2016-1000152

Feb 9, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
Contus Video Comments <= 1.0 - Authorization Bypass		5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	June 15, 2016
WPSOLR – Elasticsearch and Solr search <= 8.6 - Reflected Cross-Site Scripting	CVE-2016-1000155	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 12, 2016
S3 Video <= 0.983 - Reflected Cross-Site Scripting	CVE-2016-1000148	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 12, 2016
Page Layout Builder <= 1.9.3 - Reflected Cross-Site Scripting	CVE-2016-1000141	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 12, 2016
Hero Maps Pro <= 2.1.0 - Reflected Cross-Site Scripting	CVE-2016-1000137	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 12, 2016
MW Font Changer <= 4.2.5 - Reflected Cross-Site Scripting	CVE-2016-1000142	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 12, 2016
Defa Online Image Protector Free Edition <= 3.4 - Reflected Cross-Site Scripting	CVE-2016-1000129	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 12, 2016
Forget About Shortcode Buttons <= 1.1.1 - Reflected Cross-Site Scripting	CVE-2016-1000133	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 29, 2016
Photoxhibit <= 2.1.8 - Reflected Cross-Site Scripting	CVE-2016-1000144	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
AJAX Random Post <= 2.0.0 - Reflected Cross-Site Scripting	CVE-2016-1000127	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
New Year Firework <= 1.1.9 - Reflected Cross-Site Scripting	CVE-2016-1000140	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
E-Search <= 1.0 - Reflected Cross-Site Scripting via title_az parameter	CVE-2016-1000130	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
Pondol Form to Mail <= 1.1 - Reflected Cross-Site Scripting	CVE-2016-1000146	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
Heat Trackr < 1.01 - Reflected Cross-Site Scripting	CVE-2016-1000136	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
Admin Font Editor <= 1.7 - Reflected Cross-Site Scripting	CVE-2016-1000126	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
Bulk change of posts terms and post types <= 1.0 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
Anti Plagiarism <= 3.60 - Reflected Cross-Site Scripting	CVE-2016-1000128	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
Simplified Content < 1.0.1 - Reflected Cross-Site Scripting	CVE-2016-1000150	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
Recipes Writer <= 1.0.4 - Cross-Site Scripting	CVE-2016-1000147	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016
Easy Contact Form Builder < 1.1 - Cross-Site Scripting	CVE-2016-1000152	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 9, 2016

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation