Wordfence Intelligence   >   Search Results

Showing 61-80 of 453 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title
Searches through the title of each vulnerability for matches.
date
Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.
cvss-rating
Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.
researcher
Returns vulnerabilities credited to researchers containing the given text.
software
Returns vulnerabilities discovered in software containing the given text.
software-slug
Returns vulnerabilities discovered in software exactly matching the given slug.
software-type
Use plugin, theme or core to limit the search to the specified type of software.
By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.
ChatBot <= 4.3.0 - Authenticated (Admin+) Cross-Site Scripting
4.4
CVE-2022-47613
Jan 27, 2023
Researcher: Rafshanzani Suhada
Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration <= 1.62.0 - Authenticated (Admin+) Cross Site Scripting
4.4
CVE-2022-47173
Jan 27, 2023
Researcher: TEAM WEBoB of BoB 11th
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 27, 2023
Researcher: István Márton
JS Help Desk <= 2.7.1 - Missing Authorization to Plugin Settings Update
9.1
CVE-2022-46838
Jan 27, 2023
Researcher: Vladislav Pokrovsky (ΞX.MI)
Simple Image Popup <= 1.3.6 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2022-47610
Jan 27, 2023
Researcher: Mika
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 27, 2023
Researcher: István Márton
Advanced Social Pixel <= 2.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-2023-24381
Jan 27, 2023
Researcher: Rio Darmawan
Welcart e-Commerce <= 2.8.10 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE-2023-22705
Jan 27, 2023
Researcher: Le Ngoc Anh
Simple Photo Gallery <= 1.8.1 - Authenticated (Admin+) SQL Injection
9.1
CVE-2022-47588
Jan 27, 2023
Researcher: minhtuanact
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 27, 2023
Researcher: István Márton
ChatBot <= 4.2.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting and Settings Reset
5.4
CVE-2023-24415
Jan 27, 2023
Researcher: Rafshanzani Suhada
JS Help Desk <= 2.7.1 - Unauthenticated SQL Injection
8.6
CVE-2022-47151
Jan 27, 2023
Researcher: Vladislav Pokrovsky (ΞX.MI)
Ecwid Ecommerce Shopping Cart <= 6.11.3 - Cross Site Request Forgery
4.3
CVE-2023-24377
Jan 27, 2023
Researcher: István Márton
WPComplete <= 2.9.4 - Reflected Cross-Site Scripting
6.1
CVE-2022-45825
Jan 27, 2023
Researcher: minhtuanact
Greenshift – animation and page builder blocks <= 4.9.9 - Authenticated (Author+) Stored Cross-Site Scripting
6.4
CVE-2023-22707
Jan 27, 2023
Researcher: n0paew
Organization chart <= 1.4.4 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2023-24387
Jan 27, 2023
Researcher: yuyudhn
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 27, 2023
Researcher: István Márton
Uncanny Toolkit for LearnDash <= 3.6.4.1 - Cross-Site Request Forgery to Arbitrary Plugin Install and Activation
8.8
CVE-2023-23714
Jan 27, 2023
Researcher: István Márton
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 26, 2023
Researcher: István Márton
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2022-4777
Jan 26, 2023
Researcher: István Márton
Title CVE ID CVSS Researchers Date
ChatBot <= 4.3.0 - Authenticated (Admin+) Cross-Site Scripting CVE-2022-47613 4.4 Rafshanzani Suhada January 27, 2023
Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration <= 1.62.0 - Authenticated (Admin+) Cross Site Scripting CVE-2022-47173 4.4 TEAM WEBoB of BoB 11th January 27, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 27, 2023
JS Help Desk <= 2.7.1 - Missing Authorization to Plugin Settings Update CVE-2022-46838 9.1 Vladislav Pokrovsky (ΞX.MI) January 27, 2023
Simple Image Popup <= 1.3.6 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2022-47610 4.4 Mika January 27, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 27, 2023
Advanced Social Pixel <= 2.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting CVE-2023-24381 4.4 Rio Darmawan January 27, 2023
Welcart e-Commerce <= 2.8.10 - Unauthenticated Stored Cross-Site Scripting CVE-2023-22705 7.2 Le Ngoc Anh January 27, 2023
Simple Photo Gallery <= 1.8.1 - Authenticated (Admin+) SQL Injection CVE-2022-47588 9.1 minhtuanact January 27, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 27, 2023
ChatBot <= 4.2.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting and Settings Reset CVE-2023-24415 5.4 Rafshanzani Suhada January 27, 2023
JS Help Desk <= 2.7.1 - Unauthenticated SQL Injection CVE-2022-47151 8.6 Vladislav Pokrovsky (ΞX.MI) January 27, 2023
Ecwid Ecommerce Shopping Cart <= 6.11.3 - Cross Site Request Forgery CVE-2023-24377 4.3 István Márton January 27, 2023
WPComplete <= 2.9.4 - Reflected Cross-Site Scripting CVE-2022-45825 6.1 minhtuanact January 27, 2023
Greenshift – animation and page builder blocks <= 4.9.9 - Authenticated (Author+) Stored Cross-Site Scripting CVE-2023-22707 6.4 n0paew January 27, 2023
Organization chart <= 1.4.4 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-24387 4.4 yuyudhn January 27, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 27, 2023
Uncanny Toolkit for LearnDash <= 3.6.4.1 - Cross-Site Request Forgery to Arbitrary Plugin Install and Activation CVE-2023-23714 8.8 István Márton January 27, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 26, 2023
BootStrap Shortcode <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-4777 6.4 István Márton January 26, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation