🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Skalucy

Skalucy

All Time Ranking

All Time Discoveries

Showing 21-40 of 63 Vulnerabilities

Delete Post Revisions In WordPress <= 4.6 - Cross-Site Request Forgery

4.3

CVE-2023-48754

Nov 27, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Seraphinite Post .DOCX Source <= 2.16.6 - Cross-Site Request Forgery

4.3

CVE-2023-48279

Nov 23, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Preloader Matrix <= 2.0.1 - Cross-Site Request Forgery

4.3

CVE-2023-47685

Nov 9, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Best Restaurant Menu by PriceListo <= 1.3.1 - Cross-Site Request Forgery via menu_page

4.3

CVE-2023-47649

Nov 7, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

EasyRecipe <= 3.5.3251 - Cross-Site Request Forgery

4.3

CVE-2023-46779

Oct 26, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Autolinks Manager <= 1.10.04 - Cross-Site Request Forgery

4.3

CVE-2023-46625

Oct 25, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Smooth Scroll Links <= 1.1.0 - Cross-Site Request Forgery

4.3

CVE-2023-46095

Oct 17, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Serial Numbers for WooCommerce – License Manager <= 1.6.3 - Cross-Site Request Forgery

4.3

CVE-2023-46078

Oct 16, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Sort SearchResult By Title <= 10.0 - Cross-Site Request Forgery via settings_page

4.3

CVE-2023-45639

Oct 12, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Eupago Gateway For Woocommerce <= 3.1.9 - Cross-Site Request Forgery via eupago_page_content

4.3

CVE-2023-45638

Oct 12, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Backend Localization <= 2.1.10 - Cross-Site Request Forgery

4.3

CVE-2023-44471

Sep 29, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Add Shortcodes Actions And Filters <= 2.0.9 - Cross-Site Request Forgery

4.3

CVE-2023-44475

Sep 29, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Kv TinyMCE Editor Add Fonts <= 1.1 - Cross-Site Request Forgery

4.3

CVE-2023-44470

Sep 28, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

DoFollow Case by Case <= 3.4.2 Cross-Site Request Forgery via getEmail and getUrl

4.3

CVE-2023-49197

Sep 22, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WP Gallery Metabox <= 1.0.0 - Cross-Site Request Forgery

4.3

CVE-2023-41876

Sep 5, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Bulk NoIndex & NoFollow Toolkit <= 1.5 - Missing Authorization

4.3

CVE-2023-41688

Sep 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

DX-auto-save-images <= 1.4.0 - Cross-Site Request Forgery

4.3

CVE-2023-40671

Aug 21, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WooCommerce Dynamic Pricing and Discount Rules <= 2.4.0 - Cross-Site Request Forgery

4.3

CVE-2023-40559

Aug 16, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

SB Child List <= 4.5 - Cross-Site Request Forgery via 'sb_cl_update_settings'

4.3

CVE-2023-40210

Aug 11, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Photo Gallery by Ays <= 5.2.6 - Cross-Site Request Forgery

4.3

CVE-2023-39917

Aug 7, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
Delete Post Revisions In WordPress <= 4.6 - Cross-Site Request Forgery	CVE-2023-48754	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	November 27, 2023
Seraphinite Post .DOCX Source <= 2.16.6 - Cross-Site Request Forgery	CVE-2023-48279	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	November 23, 2023
Preloader Matrix <= 2.0.1 - Cross-Site Request Forgery	CVE-2023-47685	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	November 9, 2023
Best Restaurant Menu by PriceListo <= 1.3.1 - Cross-Site Request Forgery via menu_page	CVE-2023-47649	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	November 7, 2023
EasyRecipe <= 3.5.3251 - Cross-Site Request Forgery	CVE-2023-46779	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 26, 2023
Autolinks Manager <= 1.10.04 - Cross-Site Request Forgery	CVE-2023-46625	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 25, 2023
Smooth Scroll Links <= 1.1.0 - Cross-Site Request Forgery	CVE-2023-46095	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 17, 2023
Serial Numbers for WooCommerce – License Manager <= 1.6.3 - Cross-Site Request Forgery	CVE-2023-46078	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 16, 2023
Sort SearchResult By Title <= 10.0 - Cross-Site Request Forgery via settings_page	CVE-2023-45639	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 12, 2023
Eupago Gateway For Woocommerce <= 3.1.9 - Cross-Site Request Forgery via eupago_page_content	CVE-2023-45638	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 12, 2023
Backend Localization <= 2.1.10 - Cross-Site Request Forgery	CVE-2023-44471	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 29, 2023
Add Shortcodes Actions And Filters <= 2.0.9 - Cross-Site Request Forgery	CVE-2023-44475	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 29, 2023
Kv TinyMCE Editor Add Fonts <= 1.1 - Cross-Site Request Forgery	CVE-2023-44470	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 28, 2023
DoFollow Case by Case <= 3.4.2 Cross-Site Request Forgery via getEmail and getUrl	CVE-2023-49197	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 22, 2023
WP Gallery Metabox <= 1.0.0 - Cross-Site Request Forgery	CVE-2023-41876	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 5, 2023
Bulk NoIndex & NoFollow Toolkit <= 1.5 - Missing Authorization	CVE-2023-41688	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	September 4, 2023
DX-auto-save-images <= 1.4.0 - Cross-Site Request Forgery	CVE-2023-40671	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	August 21, 2023
WooCommerce Dynamic Pricing and Discount Rules <= 2.4.0 - Cross-Site Request Forgery	CVE-2023-40559	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	August 16, 2023
SB Child List <= 4.5 - Cross-Site Request Forgery via 'sb_cl_update_settings'	CVE-2023-40210	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	August 11, 2023
Photo Gallery by Ays <= 5.2.6 - Cross-Site Request Forgery	CVE-2023-39917	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	August 7, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation