Wordfence Intelligence   >   Vulnerability Researchers   >   Marco Wotschka

Marco Wotschka

Organization: Wordfence

9
All Time Ranking
228
All Time Discoveries

1 Achievement

Learn more about Achievements
Wordfence Vulnerability Researcher
Wordfence Vulnerability Researcher
November 13, 2023
Learn more Learn more about Achievements

Showing 221-228 of 228 Vulnerabilities

WP Meta SEO <= 4.5.3 - Missing Authorization in 'listPostsCategory'
4.3
CVE-2023-1026
Feb 24, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Custom 404 Pro <= 3.7.1 - Cross-Site Request Forgery
4.3
CVE-2023-0385
Jan 18, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
My YouTube Channel <= 3.0.12.1 - Missing Authorization
4.3
CVE-2023-0447
Jan 4, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Mediamatic – Media Library Folders <= 2.8.1 - Missing Authorization
4.3
CVE-2023-0293
Dec 14, 2022
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
TeraWallet – For WooCommerce <= 1.4.3 - Insecure Direct Object Reference
4.3
CVE-2022-3995
Oct 31, 2022
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Welcart e-Commerce <= 2.9.6 - Authenticated (Administrator+) Directory Traversal
4.1
CVE-2023-6120
Dec 8, 2023
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N
Multiple Page Generator Plugin <= 3.3.17 - Cross-Site Request Forgery to SQL Injection
3.1
CVE-2023-2608
May 16, 2023
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Active Directory Integration / LDAP Integration <= 4.1.4 - Cross-Site Request Forgery to SQL Injection
3.1
CVE-2023-2599
May 12, 2023
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Title CVE ID CVSS Vector Date
WP Meta SEO <= 4.5.3 - Missing Authorization in 'listPostsCategory' CVE-2023-1026 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N February 24, 2023
Custom 404 Pro <= 3.7.1 - Cross-Site Request Forgery CVE-2023-0385 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N January 18, 2023
My YouTube Channel <= 3.0.12.1 - Missing Authorization CVE-2023-0447 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N January 4, 2023
Mediamatic – Media Library Folders <= 2.8.1 - Missing Authorization CVE-2023-0293 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N December 14, 2022
TeraWallet – For WooCommerce <= 1.4.3 - Insecure Direct Object Reference CVE-2022-3995 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N October 31, 2022
Welcart e-Commerce <= 2.9.6 - Authenticated (Administrator+) Directory Traversal CVE-2023-6120 4.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N December 8, 2023
Multiple Page Generator Plugin <= 3.3.17 - Cross-Site Request Forgery to SQL Injection CVE-2023-2608 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L May 16, 2023
Active Directory Integration / LDAP Integration <= 4.1.4 - Cross-Site Request Forgery to SQL Injection CVE-2023-2599 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L May 12, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation