Rio Darmawan

Vulnerabilities Discovered:

164
All Time Discoveries
18
Discoveries since Aug 30, 2023

Showing 1-20 of 164 vulnerabilities

Title CVE ID CVSS Vector Date
Order Delivery Date for WP e-Commerce <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41859 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Order Delivery Date for WP e-Commerce <= 1.2 - Cross-Site Request Forgery CVE-2023-41858 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
wpCentral <= 1.5.7 - Cross-Site Request Forgery CVE-2023-41854 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
Outbound Link Manager <= 1.2 - Cross-Site Request Forgery CVE-2023-41850 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
WP Custom Post Template <= 1.0 - Cross-Site Request Forgery CVE-2023-41851 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 5, 2023
UniConsent Cookie Consent CMP for GDPR / CCPA <= 1.4.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41800 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Locations <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-41797 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Swifty Bar, sticky bar by WPGens <= 1.2.10 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41737 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Insert Estimated Reading Time <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41734 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Back To The Top Button <= 2.1.5 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41733 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
wordpress publish post email notification <= 1.0.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41731 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Multi-column Tag Map <= 17.0.26 - Missing Authorization CVE-2023-41651 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N September 1, 2023
Better Elementor Addons <= 1.3.5 - Missing Authorization CVE-2023-41656 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N September 1, 2023
Remove/hide Author, Date, Category Like Entry-Meta <= 2.1 - Cross-Site Request Forgery CVE-2023-41650 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 1, 2023
authLdap <= 2.5.8 - Cross-Site Request Forgery CVE-2023-41654 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N September 1, 2023
Responsive Gallery Grid <= 2.3.10 - Cross-Site Request Forgery CVE-2023-41659 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N September 1, 2023
authLdap <= 2.5.9 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41655 3.3 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N September 1, 2023
HollerBox <= 2.3.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41657 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 1, 2023
Snap Pixel <= 1.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41242 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N August 29, 2023
Easy Coming Soon <= 2.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via plugin settings CVE-2023-25483 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N August 28, 2023

Share this researcher's vulnerability discoveries

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation