FearZzZz

Vulnerabilities Discovered:

226
All Time Discoveries
0
Discoveries since Apr 28, 2023

Showing 1-20 of 226 vulnerabilities

Title CVE ID CVSS Vector Date
TheRoof <= 1.0.3 - Reflected Cross-Site Scripting CVE-2023-29430 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 6, 2023
Outdoor <= 3.9.6 - Reflected Cross-Site Scripting CVE-2023-29236 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N April 4, 2023
Slide Anything <= 2.4.7 - Authenticated (Author+) Stored Cross-Site Scripting CVE-2023-28499 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N March 15, 2023
Real Estate 7 Theme <= 3.3.4 - Unauthenticated Arbitrary Email Sending 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N March 9, 2023
Real Estate 7 <= 3.3.4 - Cross-Site Request Forgery 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L March 1, 2023
Woodmart <= 7.1.1 - Cross-Site Request Forgery to License Update CVE-2023-32500 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N March 1, 2023
WoodMart <= 7.1.1 - Missing Authorization to Shortcode Injection CVE-2023-25790 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N March 1, 2023
Real Estate 7 <= 3.3.4 - Reflected Cross-Site Scripting via ct_additional_features 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N February 28, 2023
Real Estate 7 Theme <= 3.3.1 - Stored Cross-Site Scripting CVE-2022-47146 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N February 20, 2023
Woodmart <= 7.0.4 - Unauthenticated Arbitrary Content Injection CVE-2023-25790 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N February 16, 2023
Monolit <= 2.0.6 - Unauthenticated Stored Cross-Site Scripting CVE-2023-25041 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N February 6, 2023
JS Help Desk <= 2.7.1 - Unauthenticated Arbitrary File Upload CVE-2022-46839 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 27, 2023
JS Help Desk <= 2.7.1 - Missing Authorization CVE-2022-46840 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L January 27, 2023
JS Help Desk <= 2.7.1 - Missing Authorization to Plugin Settings Update CVE-2022-46838 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H January 27, 2023
JS Help Desk <= 2.7.1 - Unauthenticated SQL Injection CVE-2022-47151 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N January 27, 2023
JS Help Desk <= 2.7.1 - Cross-Site Request Forgery CVE-2022-46842 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N January 27, 2023
Smart Slider 3 <= 3.5.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-45843 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 23, 2022
Creative Mail <= 1.5.4 - Cross-Site Request Forgery CVE-2022-44740 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H October 28, 2022
SEO Redirection Plugin <= 8.9 - Cross-Site Request Forgery CVE-2022-40695 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H October 25, 2022
Image Hover Effects Ultimate <= 9.7.1 - Authenticated (Admin+) Arbitrary Options Update CVE-2022-42459 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 25, 2022

Share this researcher's vulnerability discoveries

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation