Wordfence Intelligence   >   Vulnerability Researchers   >   Shreya Pohekar

Shreya Pohekar

59
All Time Ranking
49
All Time Discoveries

Showing 41-49 of 49 Vulnerabilities

Diary & Availability Calendar <= 1.0.3 - Authenticated (Subscriber+) SQL Injection
8.8
CVE-2021-24555
Jul 23, 2021
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
RSVPMaker <= 8.7.2 - Server-Side Request Forgery
2.7
CVE-2021-24371
Jun 29, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Handsome Testimonials & Reviews < 2.1.1 - Authenticated SQL Injection
8.8
CVE-2021-24492
Jun 29, 2021
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Sendit WP Newsletter <= 2.5.1 - Authenticated (Admin+) SQL Injection
6.6
CVE-2021-24345
May 27, 2021
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Side Menu – add fixed side buttons <= 3.1.3 - SQL Injection
7.2
CVE-2021-24348
May 27, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Stock in & out <= 1.0.4 - Reflected Cross-Site Scripting
5.4
CVE-2021-24346
May 27, 2021
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
FlightLog <= 3.0.2 - Authenticated (Editor+) SQL Injection
7.2
CVE-2021-24336
May 19, 2021
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Simple Giveaways <= 2.36.1 - Reflected Cross-Site Scripting
6.1
CVE-2021-24298
May 9, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Car Seller - Auto Classifieds Script <= 2.1.0 - Unauthenticated SQL Injection
9.8
CVE-2021-24285
Apr 26, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Title CVE ID CVSS Vector Date
Diary & Availability Calendar <= 1.0.3 - Authenticated (Subscriber+) SQL Injection CVE-2021-24555 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H July 23, 2021
RSVPMaker <= 8.7.2 - Server-Side Request Forgery CVE-2021-24371 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N June 29, 2021
Handsome Testimonials & Reviews < 2.1.1 - Authenticated SQL Injection CVE-2021-24492 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 29, 2021
Sendit WP Newsletter <= 2.5.1 - Authenticated (Admin+) SQL Injection CVE-2021-24345 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H May 27, 2021
Side Menu – add fixed side buttons <= 3.1.3 - SQL Injection CVE-2021-24348 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 27, 2021
Stock in & out <= 1.0.4 - Reflected Cross-Site Scripting CVE-2021-24346 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N May 27, 2021
FlightLog <= 3.0.2 - Authenticated (Editor+) SQL Injection CVE-2021-24336 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 19, 2021
Simple Giveaways <= 2.36.1 - Reflected Cross-Site Scripting CVE-2021-24298 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N May 9, 2021
Car Seller - Auto Classifieds Script <= 2.1.0 - Unauthenticated SQL Injection CVE-2021-24285 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H April 26, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation