🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Mika

Mika

All Time Ranking

305

All Time Discoveries

Showing 1-20 of 305 Vulnerabilities

WP GDPR Compliance <= 2.0.23 - Cross-Site Request Forgery

4.3

CVE-2024-33682

Apr 26, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WP Compress – Image Optimizer [All-In-One] <= 6.10.35 - Cross-Site Request Forgery

4.3

CVE-2024-32106

Apr 11, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Filter Custom Fields & Taxonomies Light <= 1.05 - Missing Authorization

4.3

CVE-2024-32081

Apr 11, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

WP Accessibility Helper (WAH) <= 0.6.2.5 - Missing Authorization

4.3

CVE-2024-31423

Apr 10, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

AppPresser <= 4.3.0 - Cross-Site Request Forgery via force_logging_off()

4.3

CVE-2024-31374

Apr 10, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Link Whisper Free <= 0.6.9

4.3

CVE-2024-31934

Apr 10, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Heureka <= 1.0.8 - Cross-Site Request Forgery

4.3

CVE-2024-25931

Feb 20, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Comments Like Dislike <= 1.2.2 - IP Spoofing

4.3

CVE-2024-25906

Feb 12, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

WP Spell Check <= 9.17 - Cross-Site Request Forgery

4.3

CVE-2024-22143

Jan 12, 2024

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Products & Order Export for WooCommerce <= 2.0.7 - Missing Authorization

4.3

CVE-2024-31276

Jan 10, 2024

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

MStore API <= 4.10.1 - Cross-Site Request Forgery

4.3

CVE-2023-50878

Dec 26, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

HUSKY – Products Filter for WooCommerce (formerly WOOF) <= 1.3.4.3 - Cross-Site Request Forgery

4.3

CVE-2023-50861

Dec 22, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Anti Hacker <= 4.34 - Cross-Site Request Forgery via antihacker_ajax_scan

4.3

CVE-2023-50858

Dec 22, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Integrate Google Drive <= 1.3.4 - Cross-Site Request Forgery

4.3

CVE-2023-49769

Dec 5, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CodeBard's Patron Button and Widgets for Patreon <= 2.1.9 - Cross-Site Request Forgery

4.3

CVE-2023-47765

Nov 14, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Plainview Protect Passwords <= 1.4 - Cross-Site Request Forgery

4.3

CVE-2023-47664

Nov 8, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Feather Login Page <= 1.1.3 - Cross-Site Request Forgery

4.3

CVE-2023-46777

Oct 26, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WCP OpenWeather <= 2.5.0 - Cross-Site Request Forgery

4.3

CVE-2023-46638

Oct 25, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Novo-Map : your WP posts on custom google maps <= 1.1.2 - Cross-Site Request Forgery

4.3

CVE-2023-46190

Oct 18, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Comments Ratings <= 1.1.7 - Cross-Site Request Forgery

4.3

CVE-2023-45654

Oct 12, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
WP GDPR Compliance <= 2.0.23 - Cross-Site Request Forgery	CVE-2024-33682	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	April 26, 2024
WP Compress – Image Optimizer [All-In-One] <= 6.10.35 - Cross-Site Request Forgery	CVE-2024-32106	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	April 11, 2024
Filter Custom Fields & Taxonomies Light <= 1.05 - Missing Authorization	CVE-2024-32081	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	April 11, 2024
WP Accessibility Helper (WAH) <= 0.6.2.5 - Missing Authorization	CVE-2024-31423	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	April 10, 2024
AppPresser <= 4.3.0 - Cross-Site Request Forgery via force_logging_off()	CVE-2024-31374	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	April 10, 2024
Link Whisper Free <= 0.6.9	CVE-2024-31934	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	April 10, 2024
Heureka <= 1.0.8 - Cross-Site Request Forgery	CVE-2024-25931	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	February 20, 2024
Comments Like Dislike <= 1.2.2 - IP Spoofing	CVE-2024-25906	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	February 12, 2024
WP Spell Check <= 9.17 - Cross-Site Request Forgery	CVE-2024-22143	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	January 12, 2024
Products & Order Export for WooCommerce <= 2.0.7 - Missing Authorization	CVE-2024-31276	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	January 10, 2024
MStore API <= 4.10.1 - Cross-Site Request Forgery	CVE-2023-50878	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	December 26, 2023
HUSKY – Products Filter for WooCommerce (formerly WOOF) <= 1.3.4.3 - Cross-Site Request Forgery	CVE-2023-50861	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	December 22, 2023
Anti Hacker <= 4.34 - Cross-Site Request Forgery via antihacker_ajax_scan	CVE-2023-50858	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	December 22, 2023
Integrate Google Drive <= 1.3.4 - Cross-Site Request Forgery	CVE-2023-49769	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	December 5, 2023
CodeBard's Patron Button and Widgets for Patreon <= 2.1.9 - Cross-Site Request Forgery	CVE-2023-47765	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	November 14, 2023
Plainview Protect Passwords <= 1.4 - Cross-Site Request Forgery	CVE-2023-47664	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	November 8, 2023
Feather Login Page <= 1.1.3 - Cross-Site Request Forgery	CVE-2023-46777	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 26, 2023
WCP OpenWeather <= 2.5.0 - Cross-Site Request Forgery	CVE-2023-46638	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 25, 2023
Novo-Map : your WP posts on custom google maps <= 1.1.2 - Cross-Site Request Forgery	CVE-2023-46190	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 18, 2023
Comments Ratings <= 1.1.7 - Cross-Site Request Forgery	CVE-2023-45654	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 12, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation