Vladislav Pokrovsky

Title	CVE ID	CVSS	Vector	Date
wpDiscuz <= 7.6.3 - Insecure Direct Object Reference to Comment Rating Increase/Decrease	CVE-2023-3869	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	September 12, 2023
wpDiscuz <= 7.6.3 - Insecure Direct Object Reference to Post Rating Increase/Decrease	CVE-2023-3998	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	September 12, 2023
PeproDev CF7 Database <= 1.7.0 - Unauthenticated Stored Cross-Site Scripting via form submission	CVE-2023-41863	7.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N	September 5, 2023
Simple Membership <= 4.3.5 - Reflected Cross-Site Scripting	CVE-2023-4719	7.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N	September 5, 2023
Social Media & Share Icons <= 2.8.3 - Reflected Cross-Site Scripting	CVE-2023-41238	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	August 29, 2023
Oxygen < 4.4 - Cross-Site Request Forgery	CVE-2022-46841	4.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N	July 20, 2023
Multiple DeoThemes Themes <= (Various Versions) - Reflected Cross-Site Scripting	CVE-2023-3708	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	July 17, 2023
WPJobBoard <= 5.9.0 - Unauthenticated SQL Injection	CVE-2023-36525	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 27, 2023
Balkon <= 1.3.2 - Reflected Cross-Site Scripting	CVE-2023-36502	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 23, 2023
TheRoof <= 1.0.3 - Reflected Cross-Site Scripting	CVE-2023-29430	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 6, 2023
Outdoor <= 3.9.6 - Reflected Cross-Site Scripting	CVE-2023-29236	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 4, 2023
Slide Anything <= 2.4.7 - Authenticated (Author+) Stored Cross-Site Scripting	CVE-2023-28499	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	March 15, 2023
Real Estate 7 Theme <= 3.3.4 - Unauthenticated Arbitrary Email Sending		5.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N	March 9, 2023
WoodMart <= 7.1.1 - Missing Authorization to Shortcode Injection	CVE-2023-25790	6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N	March 1, 2023
Real Estate 7 <= 3.3.4 - Cross-Site Request Forgery		5.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L	March 1, 2023
Woodmart <= 7.1.1 - Cross-Site Request Forgery to License Update	CVE-2023-32500	6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N	March 1, 2023
Real Estate 7 <= 3.3.4 - Reflected Cross-Site Scripting via ct_additional_features		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 28, 2023
Real Estate 7 Theme <= 3.3.1 - Stored Cross-Site Scripting	CVE-2022-47146	7.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N	February 20, 2023
Woodmart <= 7.0.4 - Unauthenticated Arbitrary Content Injection	CVE-2023-25790	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	February 16, 2023
Monolit <= 2.0.6 - Unauthenticated Stored Cross-Site Scripting	CVE-2023-25041	7.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N	February 6, 2023

Share this researcher's vulnerability discoveries

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation