Wordfence Intelligence   >   Vulnerability Researchers   >   Rio Darmawan

Rio Darmawan

Organization: Zerobyte

11
All Time Ranking
190
All Time Discoveries

Showing 41-60 of 190 Vulnerabilities

Smart App Banner <= 1.1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-46200
Oct 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Triberr <= 4.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-46199
Oct 18, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
LeadSquared Suite <= 0.7.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings
4.4
CVE-2023-45833
Oct 13, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Easy Testimonial Slider and Form <= 1.0.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings
4.4
CVE-2023-45754
Oct 12, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Next Page <= 1.5.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings
4.4
CVE-2023-45768
Oct 12, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Scroll post excerpt <= 8.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-45764
Oct 12, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Open User Map | Everybody can add locations <= 1.3.26 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-45056
Oct 3, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Hitsteps Web Analytics <= 5.86 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-45057
Oct 3, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Complete Open Graph <= 3.4.5 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-45010
Oct 3, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Social Metrics <= 2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44263
Oct 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Popup contact form <= 7.1 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-44265
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WP Adminify <= 3.1.7 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-44266
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Blocks <= 1.6.42 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44262
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
UniConsent Cookie Consent CMP for GDPR / CCPA <= 1.4.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41800
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
wordpress publish post email notification <= 1.0.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41731
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Back To The Top Button <= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41733
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Insert Estimated Reading Time <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41734
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Swifty Bar, sticky bar by WPGens <= 1.2.10 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41737
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Order Delivery Date for WP e-Commerce <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41859
Sep 5, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
HollerBox <= 2.3.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-41657
Sep 1, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Smart App Banner <= 1.1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-46200 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 18, 2023
Triberr <= 4.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-46199 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 18, 2023
LeadSquared Suite <= 0.7.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings CVE-2023-45833 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 13, 2023
Easy Testimonial Slider and Form <= 1.0.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings CVE-2023-45754 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 12, 2023
Next Page <= 1.5.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings CVE-2023-45768 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 12, 2023
Scroll post excerpt <= 8.0 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-45764 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 12, 2023
Open User Map | Everybody can add locations <= 1.3.26 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-45056 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 3, 2023
Hitsteps Web Analytics <= 5.86 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-45057 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 3, 2023
Complete Open Graph <= 3.4.5 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-45010 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 3, 2023
Social Metrics <= 2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44263 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 2, 2023
Popup contact form <= 7.1 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-44265 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
WP Adminify <= 3.1.7 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-44266 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Blocks <= 1.6.42 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44262 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
UniConsent Cookie Consent CMP for GDPR / CCPA <= 1.4.3 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41800 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
wordpress publish post email notification <= 1.0.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41731 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Back To The Top Button <= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41733 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Insert Estimated Reading Time <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41734 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Swifty Bar, sticky bar by WPGens <= 1.2.10 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41737 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
Order Delivery Date for WP e-Commerce <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41859 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 5, 2023
HollerBox <= 2.3.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-41657 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 1, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation