Wordfence Intelligence   >   Vulnerability Researchers   >   Suzhou Aurora Infinity Information Technology Co

Suzhou Aurora Infinity Information Technology Co

230
All Time Ranking
9
All Time Discoveries

9 Vulnerabilities

WordPress Importer : Import any XML File to WordPress < 1.0.1 - Server-Side Request Forgery
9.1
CVE-2020-24147
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Podcast Importer SecondLine <= 1.1.4 - Server-Side Request Forgery
6.5
CVE-2020-24149
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Video Downloader for TikTok < 1.4 - Server-Side Request Forgery
8.3
CVE-2020-24142
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
CM Download Manager < 2.8.0 - Directory Traversal to Arbitrary File Deletion and Denial of Service
8.1
CVE-2020-24146
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Video Downloader for TikTok < 1.4 - Directory Traversal
7.5
CVE-2020-24143
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Media File Organizer <= 1.0.1 - Directory Traversal
8.6
CVE-2020-24144
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CM Download Manager <= 2.7.0 - Cross-Site Scripting
6.1
CVE-2020-24145
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WP-DownloadManager <= 1.68.4 - Server-Side Request Forgery
5.3
CVE-2020-24141
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Import XML and RSS Feeds <= 2.0.2 - Server-Side Request Forgery
9.1
CVE-2020-24148
Apr 13, 2021
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Title CVE ID CVSS Vector Date
WordPress Importer : Import any XML File to WordPress < 1.0.1 - Server-Side Request Forgery CVE-2020-24147 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H April 13, 2021
Podcast Importer SecondLine <= 1.1.4 - Server-Side Request Forgery CVE-2020-24149 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N April 13, 2021
Video Downloader for TikTok < 1.4 - Server-Side Request Forgery CVE-2020-24142 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L April 13, 2021
CM Download Manager < 2.8.0 - Directory Traversal to Arbitrary File Deletion and Denial of Service CVE-2020-24146 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H April 13, 2021
Video Downloader for TikTok < 1.4 - Directory Traversal CVE-2020-24143 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N April 13, 2021
Media File Organizer <= 1.0.1 - Directory Traversal CVE-2020-24144 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N April 13, 2021
CM Download Manager <= 2.7.0 - Cross-Site Scripting CVE-2020-24145 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 13, 2021
WP-DownloadManager <= 1.68.4 - Server-Side Request Forgery CVE-2020-24141 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N April 13, 2021
Import XML and RSS Feeds <= 2.0.2 - Server-Side Request Forgery CVE-2020-24148 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H April 13, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation