Wordfence Intelligence   >   Vulnerability Researchers   >   Le Ngoc Anh

Le Ngoc Anh

Organization: sun*inc

32
All Time Ranking
96
All Time Discoveries

Showing 81-96 of 96 Vulnerabilities

WP Testimonials <= 1.4.3 - Authenticated (Contributor+) SQL Injection
8.8
CVE-2024-25924
Jan 12, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Page Builder: Live Composer <= 1.5.25 - Authenticated (Author+) PHP Object Injection
8.8
CVE-2023-52206
Jan 3, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SP Project & Document Manager <= 4.67 - Authenticated (Subscriber+) SQL Injection
8.8
CVE-2023-36677
Jun 30, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Short URL <= 1.6.4 - Authenticated (Subscriber+) SQL Injection
8.8
CVE-2022-46860
Jun 28, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
WP Booklet <= 2.1.8 - Authenticated (Subscriber+) Remote Code Execution
8.8
CVE-2023-22677
Jan 13, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Advanced Page Visit Counter <= 8.0.6 - Authenticated (Administrator+) SQL Injection
9.1
CVE-2024-32098
Apr 11, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Product Feed on WooCommerce for Google <= 3.5.7 - Authenticated (Administrator+) SQL Injection
9.1
CVE-2024-32087
Apr 11, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
LearnPress Export Import <= 4.0.3 - Authenticated (Administrator+) SQL Injection
9.1
CVE-2024-31241
Apr 5, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
ChatBot <= 5.1.0 - Unauthenticated PHP Object Injection
9.8
CVE-2024-22309
Jan 19, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Asgaros Forum <= 2.7.2 - Unauthenticated PHP Object Injection in prepare_unread_status
9.8
CVE-2024-22284
Jan 16, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Email posts to subscribers <= 6.2 - Unauthenticated SQL Injection
9.8
CVE-2022-46818
Apr 19, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ARMember <= 3.4.11 - Unauthenticated SQL Injection
9.8
CVE-2022-46808
Mar 27, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Shipment Tracking, Tracking, and Order Tracking for WooCommerce – ParcelPanel (Free to install) <= 3.8.2 - Authenticated (Subscriber+) SQL Injection
9.9
CVE-2024-34412
May 6, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Find Duplicates <= 1.4.6 - Authenticated (Subscriber+) SQL Injection
9.9
CVE-2024-32127
Apr 12, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Media Library Folders <= 8.1.7 - Authenticated (Author+) SQL Injection
9.9
CVE-2024-30486
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Contact Form to Any API <= 1.1.8 - Authenticated (Subscriber+) SQL Injection
9.9
CVE-2024-30242
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Title CVE ID CVSS Vector Date
WP Testimonials <= 1.4.3 - Authenticated (Contributor+) SQL Injection CVE-2024-25924 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 12, 2024
Page Builder: Live Composer <= 1.5.25 - Authenticated (Author+) PHP Object Injection CVE-2023-52206 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 3, 2024
SP Project & Document Manager <= 4.67 - Authenticated (Subscriber+) SQL Injection CVE-2023-36677 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 30, 2023
Short URL <= 1.6.4 - Authenticated (Subscriber+) SQL Injection CVE-2022-46860 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 28, 2023
WP Booklet <= 2.1.8 - Authenticated (Subscriber+) Remote Code Execution CVE-2023-22677 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 13, 2023
Advanced Page Visit Counter <= 8.0.6 - Authenticated (Administrator+) SQL Injection CVE-2024-32098 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H April 11, 2024
Product Feed on WooCommerce for Google <= 3.5.7 - Authenticated (Administrator+) SQL Injection CVE-2024-32087 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H April 11, 2024
LearnPress Export Import <= 4.0.3 - Authenticated (Administrator+) SQL Injection CVE-2024-31241 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H April 5, 2024
ChatBot <= 5.1.0 - Unauthenticated PHP Object Injection CVE-2024-22309 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 19, 2024
Asgaros Forum <= 2.7.2 - Unauthenticated PHP Object Injection in prepare_unread_status CVE-2024-22284 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 16, 2024
Email posts to subscribers <= 6.2 - Unauthenticated SQL Injection CVE-2022-46818 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H April 19, 2023
ARMember <= 3.4.11 - Unauthenticated SQL Injection CVE-2022-46808 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 27, 2023
Shipment Tracking, Tracking, and Order Tracking for WooCommerce – ParcelPanel (Free to install) <= 3.8.2 - Authenticated (Subscriber+) SQL Injection CVE-2024-34412 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H May 6, 2024
Find Duplicates <= 1.4.6 - Authenticated (Subscriber+) SQL Injection CVE-2024-32127 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H April 12, 2024
Media Library Folders <= 8.1.7 - Authenticated (Author+) SQL Injection CVE-2024-30486 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 28, 2024
Contact Form to Any API <= 1.1.8 - Authenticated (Subscriber+) SQL Injection CVE-2024-30242 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 26, 2024

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation