🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Larry W. Cashdollar

Larry W. Cashdollar

All Time Ranking

135

All Time Discoveries

Showing 21-40 of 135 Vulnerabilities

Fast Image Adder < 1.2 - Arbitrary File Upload

9.8

CVE-2015-1000001

Feb 19, 2017

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Csv2WPeC Coupon <= 1.1 - Arbitrary File Upload

9.8

CVE-2015-1000013

Nov 23, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Contus Video Comments <= 1.0 - Remote File Upload

9.8

CVE-2016-1000112

Jun 22, 2016

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Double Opt-In for Download <= 2.0.8 - SQL Injection

9.8

CVE-2015-7517

Nov 24, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

MyPixs <= 0.3 - Local File Inclusion

9.8

CVE-2015-1000012

Sep 15, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

DukaPress <= 2.5.9 - Blind SQL Injection

9.8

CVE-2015-1000011

Aug 22, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

WPE Indoshipping <= 2.5.0 - Arbitrary File Upload

9.8

CVE ID Unknown

Jul 13, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

WP Front-End Repository Manager <= 1.1 - Unauthenticated Arbitrary File Upload

9.8

CVE ID Unknown

Jul 12, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

filedownload < 1.4 - Blind SQL Injection

9.8

CVE-2015-1000003

Jul 11, 2015

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

MailCWP <= 1.100 - Arbitrary File Upload

9.8

CVE-2016-1000156

Jul 10, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

MailCWP <= 1.100 - Arbitrary File Upload

9.8

CVE-2015-1000000

Jul 9, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Powerplay Gallery <= 3.3 - Arbitrary File Upload

9.8

CVE-2015-5681

Jul 1, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Powerplay Gallery <= 3.3 - Arbitrary File Upload

9.8

CVE-2015-5682

Jul 1, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Powerplay Gallery <= 3.3 - SQL Injection

9.8

CVE-2015-5599

Jun 27, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Aviary Image Editor Add-on For Gravity Forms <= 3.0 (Beta r7) - Arbitrary File Upload

9.8

CVE-2015-4455

Jun 9, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Easy2Map <= 1.2.4 - SQL Injection

9.8

CVE-2015-4614

Jun 8, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Easy2Map Photos <= 1.0.9 - SQL Injection

9.8

CVE-2015-4615

Jun 8, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SE HTML5 Album Audio Player <= 1.1.0 - Directory Traversal

9.8

CVE-2015-4414

Jun 6, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Backup, Restore and Migrate WordPress Sites With the XCloner Plugin <= 3.1.2 - Remote Code Execution

9.8

CVE-2015-4338

May 10, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Webcam Video Conference <= 4.91.8 - Unrestricted File Upload leading to Remote Code Execuction

9.8

CVE-2015-9271

Mar 29, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Title	CVE ID	CVSS	Vector	Date
Fast Image Adder < 1.2 - Arbitrary File Upload	CVE-2015-1000001	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 19, 2017
Csv2WPeC Coupon <= 1.1 - Arbitrary File Upload	CVE-2015-1000013	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	November 23, 2016
Contus Video Comments <= 1.0 - Remote File Upload	CVE-2016-1000112	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 22, 2016
Double Opt-In for Download <= 2.0.8 - SQL Injection	CVE-2015-7517	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	November 24, 2015
MyPixs <= 0.3 - Local File Inclusion	CVE-2015-1000012	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	September 15, 2015
DukaPress <= 2.5.9 - Blind SQL Injection	CVE-2015-1000011	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 22, 2015
WPE Indoshipping <= 2.5.0 - Arbitrary File Upload		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 13, 2015
WP Front-End Repository Manager <= 1.1 - Unauthenticated Arbitrary File Upload		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 12, 2015
filedownload < 1.4 - Blind SQL Injection	CVE-2015-1000003	9.8	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 11, 2015
MailCWP <= 1.100 - Arbitrary File Upload	CVE-2016-1000156	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 10, 2015
MailCWP <= 1.100 - Arbitrary File Upload	CVE-2015-1000000	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 9, 2015
Powerplay Gallery <= 3.3 - Arbitrary File Upload	CVE-2015-5681	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 1, 2015
Powerplay Gallery <= 3.3 - Arbitrary File Upload	CVE-2015-5682	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 1, 2015
Powerplay Gallery <= 3.3 - SQL Injection	CVE-2015-5599	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 27, 2015
Aviary Image Editor Add-on For Gravity Forms <= 3.0 (Beta r7) - Arbitrary File Upload	CVE-2015-4455	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 9, 2015
Easy2Map <= 1.2.4 - SQL Injection	CVE-2015-4614	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 8, 2015
Easy2Map Photos <= 1.0.9 - SQL Injection	CVE-2015-4615	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 8, 2015
SE HTML5 Album Audio Player <= 1.1.0 - Directory Traversal	CVE-2015-4414	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 6, 2015
Backup, Restore and Migrate WordPress Sites With the XCloner Plugin <= 3.1.2 - Remote Code Execution	CVE-2015-4338	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	May 10, 2015
Webcam Video Conference <= 4.91.8 - Unrestricted File Upload leading to Remote Code Execuction	CVE-2015-9271	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 29, 2015

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation