🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Skalucy

Skalucy

All Time Ranking

All Time Discoveries

Showing 41-60 of 62 Vulnerabilities

EasyRecipe <= 3.5.3251 - Cross-Site Request Forgery

4.3

CVE-2023-46779

Oct 26, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Autolinks Manager <= 1.10.04 - Cross-Site Request Forgery

4.3

CVE-2023-46625

Oct 25, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Smooth Scroll Links <= 1.1.0 - Cross-Site Request Forgery

4.3

CVE-2023-46095

Oct 17, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Serial Numbers for WooCommerce – License Manager <= 1.6.3 - Cross-Site Request Forgery

4.3

CVE-2023-46078

Oct 16, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Eupago Gateway For Woocommerce <= 3.1.9 - Cross-Site Request Forgery via eupago_page_content

4.3

CVE-2023-45638

Oct 12, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Sort SearchResult By Title <= 10.0 - Cross-Site Request Forgery via settings_page

4.3

CVE-2023-45639

Oct 12, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Add Shortcodes Actions And Filters <= 2.0.9 - Cross-Site Request Forgery

4.3

CVE-2023-44475

Sep 29, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Backend Localization <= 2.1.10 - Cross-Site Request Forgery

4.3

CVE-2023-44471

Sep 29, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Kv TinyMCE Editor Add Fonts <= 1.1 - Cross-Site Request Forgery

4.3

CVE-2023-44470

Sep 28, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

DoFollow Case by Case <= 3.4.2 Cross-Site Request Forgery via getEmail and getUrl

4.3

CVE-2023-49197

Sep 22, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WP Gallery Metabox <= 1.0.0 - Cross-Site Request Forgery

4.3

CVE-2023-41876

Sep 5, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Bulk NoIndex & NoFollow Toolkit <= 1.5 - Missing Authorization

4.3

CVE-2023-41688

Sep 4, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

DX-auto-save-images <= 1.4.0 - Cross-Site Request Forgery

4.3

CVE-2023-40671

Aug 21, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WooCommerce Dynamic Pricing and Discount Rules <= 2.4.0 - Cross-Site Request Forgery

4.3

CVE-2023-40559

Aug 16, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

SB Child List <= 4.5 - Cross-Site Request Forgery via 'sb_cl_update_settings'

4.3

CVE-2023-40210

Aug 11, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Photo Gallery by Ays <= 5.2.6 - Cross-Site Request Forgery

4.3

CVE-2023-39917

Aug 7, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Mobile Address Bar Changer <= 3.0 - Cross-Site Request Forgery to Settings Update

4.3

CVE-2023-38390

Jul 25, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Perelink Pro <= 2.1.4 - Cross-Site Request Forgery to Settings Update

4.3

CVE-2023-37990

Jul 24, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

WP Testimonials <= 1.4.2 - Cross-Site Request Forgery to Widget Deletion

4.3

CVE-2023-2830

Jul 14, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Advanced Flat rate shipping Woocommerce <= 1.6.4.4 - Cross-Site Request Forgery via enableDisable and deletePost

4.3

CVE-2023-34015

Jun 2, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
EasyRecipe <= 3.5.3251 - Cross-Site Request Forgery	CVE-2023-46779	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 26, 2023
Autolinks Manager <= 1.10.04 - Cross-Site Request Forgery	CVE-2023-46625	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 25, 2023
Smooth Scroll Links <= 1.1.0 - Cross-Site Request Forgery	CVE-2023-46095	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 17, 2023
Serial Numbers for WooCommerce – License Manager <= 1.6.3 - Cross-Site Request Forgery	CVE-2023-46078	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 16, 2023
Eupago Gateway For Woocommerce <= 3.1.9 - Cross-Site Request Forgery via eupago_page_content	CVE-2023-45638	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 12, 2023
Sort SearchResult By Title <= 10.0 - Cross-Site Request Forgery via settings_page	CVE-2023-45639	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	October 12, 2023
Add Shortcodes Actions And Filters <= 2.0.9 - Cross-Site Request Forgery	CVE-2023-44475	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 29, 2023
Backend Localization <= 2.1.10 - Cross-Site Request Forgery	CVE-2023-44471	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 29, 2023
Kv TinyMCE Editor Add Fonts <= 1.1 - Cross-Site Request Forgery	CVE-2023-44470	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 28, 2023
DoFollow Case by Case <= 3.4.2 Cross-Site Request Forgery via getEmail and getUrl	CVE-2023-49197	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 22, 2023
WP Gallery Metabox <= 1.0.0 - Cross-Site Request Forgery	CVE-2023-41876	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	September 5, 2023
Bulk NoIndex & NoFollow Toolkit <= 1.5 - Missing Authorization	CVE-2023-41688	4.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N	September 4, 2023
DX-auto-save-images <= 1.4.0 - Cross-Site Request Forgery	CVE-2023-40671	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	August 21, 2023
WooCommerce Dynamic Pricing and Discount Rules <= 2.4.0 - Cross-Site Request Forgery	CVE-2023-40559	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	August 16, 2023
SB Child List <= 4.5 - Cross-Site Request Forgery via 'sb_cl_update_settings'	CVE-2023-40210	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	August 11, 2023
Photo Gallery by Ays <= 5.2.6 - Cross-Site Request Forgery	CVE-2023-39917	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	August 7, 2023
Mobile Address Bar Changer <= 3.0 - Cross-Site Request Forgery to Settings Update	CVE-2023-38390	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 25, 2023
Perelink Pro <= 2.1.4 - Cross-Site Request Forgery to Settings Update	CVE-2023-37990	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 24, 2023
WP Testimonials <= 1.4.2 - Cross-Site Request Forgery to Widget Deletion	CVE-2023-2830	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 14, 2023
Advanced Flat rate shipping Woocommerce <= 1.6.4.4 - Cross-Site Request Forgery via enableDisable and deletePost	CVE-2023-34015	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	June 2, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation