Wordfence Intelligence   >   Vulnerability Researchers   >   yuyudhn

yuyudhn

14
All Time Ranking
157
All Time Discoveries

About

I am passionate about cybersecurity, GNU/Linux, and open source. I have been using Debian as my daily driver since 2013. I am a fan of Evangelion and My Hero Academia. And obviously, I am a big fan of the GOAT, Cristiano Ronaldo.

Showing 1-20 of 157 Vulnerabilities

Automatic Youtube Video Posts Plugin <= 5.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings
5.5
CVE-2023-49180
Nov 29, 2023
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
SoundCloud Shortcode <= 3.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-34018
Nov 27, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
BZScore – Live Score <= 1.03 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
6.4
CVE-2023-47654
Nov 7, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
ANAC XML Bandi di Gara <= 7.5 - Cross-Site Request Forgery via settings.php
4.3
CVE-2023-47655
Nov 7, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
ANAC XML Bandi di Gara <= 7.5 - Authenticated (Editor+) Stored Cross-Site Scripting
5.5
CVE-2023-47656
Nov 7, 2023
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Pinyin Slugs <= 2.3.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-47511
Nov 7, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Layer Slider <= 1.1.9.7 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-47228
Nov 3, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Post Sliders & Post Grids <= 1.0.20 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-47226
Nov 3, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Comments Ratings <= 1.1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-23702
Nov 3, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Social Feed | All social media in one place <= 1.5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting]
4.4
CVE-2023-47227
Nov 3, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
BuddyPress Global Search <= 1.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-45755
Oct 12, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
which template file <= 4.8.0 - Cross-Site Request Forgery
4.3
CVE-2023-45753
Oct 12, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
LeadSquared Suite <= 0.7.4 - Cross-Site Request Forgery
5.4
CVE-2023-45047
Oct 3, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
YouTube Playlist Player <= 4.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-45049
Oct 3, 2023
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Social proof testimonials and reviews by Repuso <= 5.01 - Cross-Site Request Forgery
5.4
CVE-2023-45048
Oct 3, 2023
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Image vertical reel scroll slideshow <= 9.0 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-45051
Oct 3, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Timely Booking Button <= 2.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44987
Oct 2, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Popup contact form <= 7.1 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-44230
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Tiny Carousel Horizontal Slider <= 8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44229
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Onclick Show Popup <= 8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-44228
Sep 28, 2023
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Automatic Youtube Video Posts Plugin <= 5.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings CVE-2023-49180 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N November 29, 2023
SoundCloud Shortcode <= 3.1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-34018 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N November 27, 2023
BZScore – Live Score <= 1.03 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode CVE-2023-47654 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 7, 2023
ANAC XML Bandi di Gara <= 7.5 - Cross-Site Request Forgery via settings.php CVE-2023-47655 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N November 7, 2023
ANAC XML Bandi di Gara <= 7.5 - Authenticated (Editor+) Stored Cross-Site Scripting CVE-2023-47656 5.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N November 7, 2023
Pinyin Slugs <= 2.3.0 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-47511 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N November 7, 2023
Layer Slider <= 1.1.9.7 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-47228 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N November 3, 2023
Post Sliders & Post Grids <= 1.0.20 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-47226 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N November 3, 2023
Comments Ratings <= 1.1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-23702 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N November 3, 2023
Social Feed | All social media in one place <= 1.5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting] CVE-2023-47227 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N November 3, 2023
BuddyPress Global Search <= 1.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-45755 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 12, 2023
which template file <= 4.8.0 - Cross-Site Request Forgery CVE-2023-45753 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N October 12, 2023
LeadSquared Suite <= 0.7.4 - Cross-Site Request Forgery CVE-2023-45047 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L October 3, 2023
YouTube Playlist Player <= 4.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-45049 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N October 3, 2023
Social proof testimonials and reviews by Repuso <= 5.01 - Cross-Site Request Forgery CVE-2023-45048 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L October 3, 2023
Image vertical reel scroll slideshow <= 9.0 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-45051 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 3, 2023
Timely Booking Button <= 2.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44987 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N October 2, 2023
Popup contact form <= 7.1 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-44230 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Tiny Carousel Horizontal Slider <= 8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44229 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023
Onclick Show Popup <= 8.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-44228 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N September 28, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation