🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > Syed Sheeraz Ali

Syed Sheeraz Ali

110

All Time Ranking

All Time Discoveries

Showing 1-20 of 21 Vulnerabilities

G Auto-Hyperlink <= 1.0.1 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24627

Oct 7, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

WP Domain Redirect <= 1.0 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24401

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Responsive 3D Slider <= 1.2 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24398

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

WP iCommerce – the first interactive ecommerce for wordpress <= 1.1.1 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24402

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

WP Board <= 1.1(Beta) - Authenticated (Admin+) SQL Injection

8.8

CVE-2021-24404

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

GSEOR – WordPress SEO Plugin <= 1.3 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24396

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More < 3.3.1.0 - Authenticated SQL Injection via product_id Parameter

7.2

CVE-2021-24511

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Display Users <= 2.0.0 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24400

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

The Sorter <= 1.0 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24399

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

MicroCopy <= 1.1.0 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24397

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

WordPress Page Contact <= 1.0 - Authenticated (Admin+) SQL Injection

8.8

CVE-2021-24403

Aug 22, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Cashtomer <= 1.0.0 - Authenticated (Admin+) SQL Injection

8.8

CVE-2021-24391

Jul 23, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

WordPress Membership SwiftCloud.io <= 1.0 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24392

Jul 23, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Embed Youtube Video <= 1.0 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24395

Jul 23, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Comment Highlighter <= 0.13 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24393

Jul 23, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Easy Testimonial Manager <= 1.2.0 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24394

Jul 23, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

WordPress支付宝Alipay|财付通Tenpay|贝宝PayPal集成插件 <= 3.7.2 - Authenticated (Admin+) SQL Injection

7.2

CVE-2021-24390

Jul 23, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Xllentech English Islamic Calendar <= 2.6.7 - SQL Injection

8.8

CVE-2021-24341

May 27, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Video Embed <= 1.0 - Authenticated (Subscriber+) SQL Injection

8.8

CVE-2021-24337

May 19, 2021

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tradetracker-Store < 4.6.60 - Authenticated SQL Injection

7.2

CVE-2021-24778

May 13, 2021

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Title	CVE ID	CVSS	Vector	Date
G Auto-Hyperlink <= 1.0.1 - Authenticated (Admin+) SQL Injection	CVE-2021-24627	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	October 7, 2021
WP Domain Redirect <= 1.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24401	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
Responsive 3D Slider <= 1.2 - Authenticated (Admin+) SQL Injection	CVE-2021-24398	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
WP iCommerce – the first interactive ecommerce for wordpress <= 1.1.1 - Authenticated (Admin+) SQL Injection	CVE-2021-24402	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
WP Board <= 1.1(Beta) - Authenticated (Admin+) SQL Injection	CVE-2021-24404	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
GSEOR – WordPress SEO Plugin <= 1.3 - Authenticated (Admin+) SQL Injection	CVE-2021-24396	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More < 3.3.1.0 - Authenticated SQL Injection via product_id Parameter	CVE-2021-24511	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
Display Users <= 2.0.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24400	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
The Sorter <= 1.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24399	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
MicroCopy <= 1.1.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24397	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
WordPress Page Contact <= 1.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24403	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	August 22, 2021
Cashtomer <= 1.0.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24391	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	July 23, 2021
WordPress Membership SwiftCloud.io <= 1.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24392	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	July 23, 2021
Embed Youtube Video <= 1.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24395	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	July 23, 2021
Comment Highlighter <= 0.13 - Authenticated (Admin+) SQL Injection	CVE-2021-24393	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	July 23, 2021
Easy Testimonial Manager <= 1.2.0 - Authenticated (Admin+) SQL Injection	CVE-2021-24394	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	July 23, 2021
WordPress支付宝Alipay\|财付通Tenpay\|贝宝PayPal集成插件 <= 3.7.2 - Authenticated (Admin+) SQL Injection	CVE-2021-24390	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	July 23, 2021
Xllentech English Islamic Calendar <= 2.6.7 - SQL Injection	CVE-2021-24341	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	May 27, 2021
Video Embed <= 1.0 - Authenticated (Subscriber+) SQL Injection	CVE-2021-24337	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	May 19, 2021
Tradetracker-Store < 4.6.60 - Authenticated SQL Injection	CVE-2021-24778	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 13, 2021

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation