🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Vulnerability Researchers > yuyudhn

yuyudhn

All Time Ranking

157

All Time Discoveries

About

I am passionate about cybersecurity, GNU/Linux, and open source. I have been using Debian as my daily driver since 2013. I am a fan of Evangelion and My Hero Academia. And obviously, I am a big fan of the GOAT, Cristiano Ronaldo.

Showing 21-40 of 157 Vulnerabilities

Daily Prayer Time <= 2023.03.20 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2023-27631

Mar 8, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Simple YouTube Responsive <= 2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4

CVE-2023-25982

Feb 23, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Olevmedia Shortcodes <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2023-25798

Feb 15, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Quick Paypal Payments <= 5.7.25 - Authenticated (Contributor+) Cross Site Scripting

6.4

CVE-2023-23889

Feb 15, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Quick Contact Form <= 8.0.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4

CVE-2023-23885

Feb 6, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Interactive Geo Maps <= 1.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4

CVE-2023-23866

Jan 30, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

WP Flipclock <= 1.7.4 - Authenticated (Contributor+) Stored Cross Site Scripting

6.4

CVE-2023-23728

Jan 20, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Quick Event Manager <= 9.7.4 - Missing Authorization Checks

6.3

CVE-2023-23975

Jan 20, 2023

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Quick Event Manager <= 9.7.4 - Cross-Site Request Forgery

6.3

CVE-2023-23974

Jan 20, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Sermon'e – Sermons Online <= 1.0.0 - Reflected Cross-Site Scripting

6.1

CVE-2023-41653

Sep 1, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Shortcode IMDB <= 6.0.8 - Cross-Site Request Forgery

6.1

CVE-2023-37892

Jul 11, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Five Star Restaurant Reservations <= 2.6.7 - Reflected Cross-Site Scripting

6.1

CVE-2023-34017

Jun 23, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EventPrime <= 2.8.6 - Reflected Cross-Site Scripting

6.1

CVE-2023-33326

May 22, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

video carousel slider with lightbox <= 1.0.22 - Reflected Cross-Site Scripting

6.1

CVE-2023-2710

May 15, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Video Gallery <= 1.0.10 - Reflected Cross-Site Scripting

6.1

CVE-2023-2708

May 15, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

wordpress vertical image slider plugin <= 1.2.16 - Reflected Cross-Site Scripting

6.1

CVE-2023-24413

May 9, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

WP Responsive Tabs horizontal vertical and accordion Tabs <= 1.1.15 - Reflected Cross-Site Scripting

6.1

CVE-2023-24409

May 9, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Video Grid <= 1.21 - Reflected Cross-Site Scripting

6.1

CVE-2023-30785

Apr 18, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Full Width Banner Slider Wp <= 1.1.7 - Reflected Cross-Site Scripting via search_term

6.1

CVE-2023-24392

Mar 28, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Continuous Image Carousel With Lightbox <= 1.0.15 - Reflected Cross-Site Scripting via search_term, order_by and order_pos

6.1

CVE-2023-28776

Mar 27, 2023

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Title	CVE ID	CVSS	Vector	Date
Daily Prayer Time <= 2023.03.20 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2023-27631	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	March 8, 2023
Simple YouTube Responsive <= 2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode	CVE-2023-25982	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	February 23, 2023
Olevmedia Shortcodes <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2023-25798	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	February 15, 2023
Quick Paypal Payments <= 5.7.25 - Authenticated (Contributor+) Cross Site Scripting	CVE-2023-23889	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	February 15, 2023
Quick Contact Form <= 8.0.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2023-23885	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	February 6, 2023
Interactive Geo Maps <= 1.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode	CVE-2023-23866	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	January 30, 2023
WP Flipclock <= 1.7.4 - Authenticated (Contributor+) Stored Cross Site Scripting	CVE-2023-23728	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	January 20, 2023
Quick Event Manager <= 9.7.4 - Missing Authorization Checks	CVE-2023-23975	6.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L	January 20, 2023
Quick Event Manager <= 9.7.4 - Cross-Site Request Forgery	CVE-2023-23974	6.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L	January 20, 2023
Sermon'e – Sermons Online <= 1.0.0 - Reflected Cross-Site Scripting	CVE-2023-41653	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	September 1, 2023
Shortcode IMDB <= 6.0.8 - Cross-Site Request Forgery	CVE-2023-37892	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	July 11, 2023
Five Star Restaurant Reservations <= 2.6.7 - Reflected Cross-Site Scripting	CVE-2023-34017	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	June 23, 2023
EventPrime <= 2.8.6 - Reflected Cross-Site Scripting	CVE-2023-33326	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 22, 2023
video carousel slider with lightbox <= 1.0.22 - Reflected Cross-Site Scripting	CVE-2023-2710	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 15, 2023
Video Gallery <= 1.0.10 - Reflected Cross-Site Scripting	CVE-2023-2708	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 15, 2023
wordpress vertical image slider plugin <= 1.2.16 - Reflected Cross-Site Scripting	CVE-2023-24413	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 9, 2023
WP Responsive Tabs horizontal vertical and accordion Tabs <= 1.1.15 - Reflected Cross-Site Scripting	CVE-2023-24409	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	May 9, 2023
Video Grid <= 1.21 - Reflected Cross-Site Scripting	CVE-2023-30785	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 18, 2023
Full Width Banner Slider Wp <= 1.1.7 - Reflected Cross-Site Scripting via search_term	CVE-2023-24392	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	March 28, 2023
Continuous Image Carousel With Lightbox <= 1.0.15 - Reflected Cross-Site Scripting via search_term, order_by and order_pos	CVE-2023-28776	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	March 27, 2023

Share this researcher's vulnerability discoveries

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation