Marco Wotschka

Vulnerabilities Discovered:

203
All Time Discoveries
23
Discoveries since Aug 30, 2023

Showing 1-20 of 203 vulnerabilities

Title CVE ID CVSS Vector Date
Modern Events Calendar lite < 7.1.0 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-4021 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2023-4920 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 25, 2023
BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Creation CVE-2023-4935 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 25, 2023
BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Deletion CVE-2023-4935 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 25, 2023
BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion CVE-2023-4923 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L September 25, 2023
BEAR <= 1.1.3.3 - Missing Authorization to Product Deletion CVE-2023-4924 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L September 25, 2023
BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion CVE-2023-4926 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L September 25, 2023
BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation CVE-2023-4942 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 25, 2023
BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation CVE-2023-4943 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N September 25, 2023
BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation CVE-2023-4940 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 25, 2023
BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation CVE-2023-4937 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 25, 2023
BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation CVE-2023-4941 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N September 25, 2023
BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation CVE-2023-4938 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N September 25, 2023
Ad Inserter <= 2.7.30 - Unauthenticated Sensitive Information Exposure via ai-debug-processing-fe CVE-2023-4668 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N September 22, 2023
Ad Inserter <= 2.7.30 - Unauthenticated Sensitive Information Exposure via ai_ajax CVE-2023-4645 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N September 22, 2023
Website Builder by SeedProd <= 6.15.13.1 - Cross-Site Request Forgery to Settings Update CVE-2023-4975 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 18, 2023
Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via queries CVE-2023-4386 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H September 13, 2023
WP Customer Reviews <= 3.6.6 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-4648 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 13, 2023
Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via products CVE-2023-4402 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H September 13, 2023
Dropbox Folder Share <= 1.9.7 - Unauthenticated Local File Inclusion CVE-2023-4488 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 12, 2023

Share this researcher's vulnerability discoveries

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation