Matt Barry

204
All Time Ranking
10
All Time Discoveries

10 Vulnerabilities

Title CVE ID CVSS Vector Date
Manage WP Worker <= 4.9.2 - Authentication Bypass 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 11, 2020
Email Subscribers & Newsletters < 4.3.1 - Unauthenticated Blind SQL Injection CVE-2019-20361 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L November 13, 2019
SyntaxHighlighter Evolved < 3.5.1 - Stored Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N October 21, 2019
GiveWP <= 2.5.4 - Authorization Bypass CVE-2019-20360 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N September 26, 2019
WordPress Core < 4.9.7 - Authenticated Arbitrary File Deletion CVE-2018-12895 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H July 5, 2018
Captcha 4.3.6 - 4.4.4 - Plugin Backdoor 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H December 19, 2017
Appointments <= 2.2.1 - Unauthenticated PHP Object Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 2, 2017
Flickr Gallery <= 1.5.2 - Unauthenticated PHP Object Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 2, 2017
Autoptimize <= 2.1.0 - Unauthenticated Local File Inclusion 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 19, 2017
Subscribe2 – Form, Email Subscribers & Newsletters <= 10.15 - Stored Cross-Site Scripting CVE-2014-6604 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N October 1, 2014

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation