🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > p7e4

p7e4

All Time Ranking

All Time Discoveries

Showing 61-80 of 84 Vulnerabilities

WP Academic People List <= 0.4.1 - Reflected Cross-Site Scripting

6.1

CVE-2021-38316

Sep 8, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

User Activation Email <= 1.3.0 - Reflected Cross-Site Scripting

6.1

CVE-2021-38325

Sep 8, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

SP Rental Manager <= 1.5.3 - Unauthenticated SQL Injection

8.2

CVE-2021-38324

Sep 8, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

6.1

CVE-2021-38319

Sep 8, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Konnichiwa! Membership <= 0.8.3 Reflected Cross-Site Scripting

6.1

CVE-2021-38317

Sep 8, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Moova for WooCommerce <= 3.5 - Reflected Cross-Site Scripting

6.1

CVE-2021-34664

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Skaut bazar <= 1.3.3 - Reflected Cross-Site Scripting

6.1

CVE-2021-34643

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

jQuery Tagline Rotator <= 0.1.5 - Reflected Cross-Site Scripting

6.1

CVE-2021-34663

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Simple Behance Portfolio <= 0.2 - Reflected Cross-Site Scripting

6.1

CVE-2021-34649

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Plugmatter Pricing Table Lite <= 1.0.32 - Reflected Cross-Site Scripting

6.1

CVE-2021-34659

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Calendar_plugin <= 1.0 - Reflected Cross-Site Scripting

6.1

CVE-2021-34667

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP Fountain <= 1.5.9 - Reflected Cross-Site Scripting

6.1

CVE-2021-34653

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Custom Post Type Relations <= 1.0 - Reflected Cross-Site Scripting

6.1

CVE-2021-34654

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Media Usage <= 0.0.4 - Reflected Cross-Site Scripting

6.1

CVE-2021-34652

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

2Way VideoCalls and Random Chat – HTML5 Webcam Videochat <= 5.2.7 - Reflected Cross-Site Scripting

6.1

CVE-2021-34656

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Scribble Maps <= 1.2 - Reflected Cross-Site Scripting

6.1

CVE-2021-34651

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Simple Popup Newsletter <= 1.4.7 - Reflected Cross-Site Scripting

6.1

CVE-2021-34658

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP SEO Tags <= 2.2.7 - Reflected Cross-Site Scripting

6.1

CVE-2021-34665

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP Songbook <= 2.0.11 - Reflected Cross-Site Scripting

6.1

CVE-2021-34655

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Multiplayer Games <= 3.7 - Reflected Cross-Site Scripting

6.1

CVE-2021-34644

Aug 13, 2021

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
WP Academic People List <= 0.4.1 - Reflected Cross-Site Scripting	CVE-2021-38316	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	September 8, 2021
User Activation Email <= 1.3.0 - Reflected Cross-Site Scripting	CVE-2021-38325	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	September 8, 2021
SP Rental Manager <= 1.5.3 - Unauthenticated SQL Injection	CVE-2021-38324	8.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L	September 8, 2021
More From Google <= 0.0.2 - Reflected Cross-Site Scripting	CVE-2021-38319	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	September 8, 2021
Konnichiwa! Membership <= 0.8.3 Reflected Cross-Site Scripting	CVE-2021-38317	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	September 8, 2021
Moova for WooCommerce <= 3.5 - Reflected Cross-Site Scripting	CVE-2021-34664	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Skaut bazar <= 1.3.3 - Reflected Cross-Site Scripting	CVE-2021-34643	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
jQuery Tagline Rotator <= 0.1.5 - Reflected Cross-Site Scripting	CVE-2021-34663	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Simple Behance Portfolio <= 0.2 - Reflected Cross-Site Scripting	CVE-2021-34649	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Plugmatter Pricing Table Lite <= 1.0.32 - Reflected Cross-Site Scripting	CVE-2021-34659	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Calendar_plugin <= 1.0 - Reflected Cross-Site Scripting	CVE-2021-34667	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
WP Fountain <= 1.5.9 - Reflected Cross-Site Scripting	CVE-2021-34653	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Custom Post Type Relations <= 1.0 - Reflected Cross-Site Scripting	CVE-2021-34654	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Media Usage <= 0.0.4 - Reflected Cross-Site Scripting	CVE-2021-34652	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
2Way VideoCalls and Random Chat – HTML5 Webcam Videochat <= 5.2.7 - Reflected Cross-Site Scripting	CVE-2021-34656	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Scribble Maps <= 1.2 - Reflected Cross-Site Scripting	CVE-2021-34651	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Simple Popup Newsletter <= 1.4.7 - Reflected Cross-Site Scripting	CVE-2021-34658	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
WP SEO Tags <= 2.2.7 - Reflected Cross-Site Scripting	CVE-2021-34665	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
WP Songbook <= 2.0.11 - Reflected Cross-Site Scripting	CVE-2021-34655	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021
Multiplayer Games <= 3.7 - Reflected Cross-Site Scripting	CVE-2021-34644	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 13, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation