Wordfence Intelligence   >   Vulnerability Researchers   >   Ram

Ram

Organization: Wordfence

15
All Time Ranking
149
All Time Discoveries

1 Achievement

Learn more about Achievements
Wordfence Vulnerability Researcher
Wordfence Vulnerability Researcher
November 8, 2023
Learn more Learn more about Achievements

Showing 141-149 of 149 Vulnerabilities

WooCommerce Upload Files <= 59.3 - Arbitrary File Upload
9.8
CVE-2021-24171
Mar 4, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Rank Math SEO <= 1.0.40.2 - Privilege Escalation via Unprotected REST API Endpoint
9.8
CVE-2020-11514
Mar 25, 2020
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Total Donations <= 2.0.5 - Missing Authorization to Arbitrary Options Update
9.8
CVE-2019-6703
Jan 25, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 - Authenticated Privilege Escalation
9.9
CVE-2022-1654
May 18, 2022
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
PHP Everywhere <= 2.0.3 - Remote Code Execution by Contributor+ users via gutenberg block
9.9
CVE-2022-24665
Jan 4, 2022
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
PHP Everywhere <= 2.0.3 - Authenticated (Contributor+) Remote Code Execution via Metabox
9.9
CVE-2022-24664
Jan 4, 2022
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
PHP Everywhere <= 2.0.3 - Remote Code Execution by Subscriber+ users via shortcode
9.9
CVE-2022-24663
Jan 4, 2022
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Privilege Escalation
9.9
CVE-2020-9456
Mar 5, 2020
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Settings Import to Privilege Escalation
9.9
CVE-2020-9457
Mar 5, 2020
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Title CVE ID CVSS Vector Date
WooCommerce Upload Files <= 59.3 - Arbitrary File Upload CVE-2021-24171 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 4, 2021
Rank Math SEO <= 1.0.40.2 - Privilege Escalation via Unprotected REST API Endpoint CVE-2020-11514 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 25, 2020
Total Donations <= 2.0.5 - Missing Authorization to Arbitrary Options Update CVE-2019-6703 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 25, 2019
Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 - Authenticated Privilege Escalation CVE-2022-1654 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H May 18, 2022
PHP Everywhere <= 2.0.3 - Remote Code Execution by Contributor+ users via gutenberg block CVE-2022-24665 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H January 4, 2022
PHP Everywhere <= 2.0.3 - Authenticated (Contributor+) Remote Code Execution via Metabox CVE-2022-24664 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H January 4, 2022
PHP Everywhere <= 2.0.3 - Remote Code Execution by Subscriber+ users via shortcode CVE-2022-24663 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H January 4, 2022
RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Privilege Escalation CVE-2020-9456 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 5, 2020
RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Settings Import to Privilege Escalation CVE-2020-9457 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H March 5, 2020

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation