Rasi Afeef

86
All Time Ranking
29
All Time Discoveries

Showing 1-20 of 29 Vulnerabilities

Title CVE ID CVSS Vector Date
Forms by CaptainForm <= 2.5.3 - Cross-Site Request Forgery CVE-2022-43459 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H October 29, 2022
Auto Upload Images <= 3.3 - Authenticated (Admin+) Stored Cross-Site Scripting 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N October 24, 2022
Auto Upload Images <= 3.3 - Cross-Site Request Forgery CVE-2022-42880 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H October 24, 2022
RD Station <= 5.1.3 - Cross-Site Request Forgery to Plugin Log Deletion CVE-2022-38139 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H October 18, 2022
OSM - OpenStreetMap <= 6.0 - Cross-Site Request Forgery CVE-2022-30544 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 30, 2022
Media Library Folders <= 7.1.1 - Cross-Site Request Forgery CVE-2022-41634 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 30, 2022
HREFLANG Tags Lite <= 2.0.0 - Missing Authorization to Data Reset CVE-2022-36418 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N September 29, 2022
TH Advance Product Search <= 1.1.4 - Missing Authorization to Plugin Settings Reset CVE-2022-38057 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N September 27, 2022
TH Advance Product Search <= 1.1.4 - Missing Authorization to Plugin Settings Change CVE-2022-40218 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N September 27, 2022
Oceanwp sticky header <= 1.0.8 - Cross-Site Request Forgery to Plugin Settings Update CVE-2022-35730 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 27, 2022
Kraken.io Image Optimizer <= 2.6.5 - Cross-Site Request Forgery CVE-2022-38454 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 23, 2022
3D Tag Cloud <= 3.8 - Cross-Site Request Forgery CVE-2022-36417 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 22, 2022
RD Station <= 5.2.0 - Cross-Site Request Forgery to Plugin Settings Update CVE-2022-38139 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 11, 2022
Mega Addons For WPBakery Page Builder <= 4.2.7 - Cross-Site Request Forgery to Settings Update CVE-2022-36798 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 2, 2022
CallRail Phone Call Tracking <= 0.4.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting CVE-2022-36796 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N September 1, 2022
Captcha Code <= 2.7 - Cross-Site Request Forgery to Plugin Settings Update CVE-2022-37411 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 1, 2022
GetResponse <= 5.5.19 - Cross-Site Request Forgery CVE-2022-35277 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 1, 2022
MP3 jPlayer <= 2.7.3 - Cross-Site Request Forgery CVE-2022-36373 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H September 1, 2022
Better Font Awesome <= 2.0.1 - Cross-Site Request Forgery to Plugin Settings Update CVE-2022-37405 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H August 25, 2022
Better Font Awesome <= 2.0.1 - Cross-Site Request Forgery to Plugin Settings Update CVE-2022-37405 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H August 25, 2022

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation