Dimas Maulana

4,147.80

XP

173

Reports

0

Reports, last 90 days

#27

3 Apr, 2026

🇮🇩

Lvl 7

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Geo Mashup<= 1.13.16 Local File Inclusion	67.62	9.8	06/02/2025
ACF: Google Font Selector<= 3.0.1 Cross Site Scripting (XSS)	14.2	7.1	28/02/2025
Anything Popup<= 7.3 Cross Site Scripting (XSS)	14.2	7.1	06/02/2025
Arrival<= 1.4.5 Local File Inclusion	45	7.5	12/02/2025
Opstore<= 1.4.5 Local File Inclusion	45	7.5	20/02/2025
Xews Lite<= 1.0.9 Local File Inclusion	45	7.5	20/02/2025
Checkout Field Visibility for WooCommerce<= 1.3.0 Local File Inclusion	45	7.5	20/02/2025
Product Lister for eBay<= 2.0.9 Local File Inclusion	45	7.5	28/02/2025
CWW Portfolio<= 1.3.1 Local File Inclusion	45	7.5	14/02/2025
Grace Mag<= 1.1.5 Local File Inclusion	45	7.5	16/02/2025
License For Envato<= 1.0.0 Local File Inclusion	45	7.5	07/02/2025
Capturly<= 2.0.1 Local File Inclusion	45	7.5	17/02/2025
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light<= 2.4.37 Local File Inclusion	45	7.5	24/02/2025
AdminQuickbar<= 1.9.1 Cross Site Scripting (XSS)	14.2	7.1	28/02/2025
Smart Agreements<= 1.0.3 Local File Inclusion	45	7.5	28/02/2025
Docket Cache<= 24.07.02 Local File Inclusion	45	7.5	24/02/2025
hockeydata LOS<= 1.2.4 Local File Inclusion	45	7.5	28/02/2025
ZooEffect<= 1.11 Cross Site Scripting (XSS)	14.2	7.1	19/02/2025
Advanced Custom Fields: Link Picker Field<= 1.2.8 Cross Site Scripting (XSS)	14.2	7.1	28/02/2025
Advance WP Query Search Filter<= 1.0.10 Cross Site Scripting (XSS)	14.2	7.1	01/03/2025
Coming Soon, Maintenance Mode<= 1.1.1 Local File Inclusion	45	7.5	28/02/2025
Arkhe<= 3.12.0 Cross Site Request Forgery (CSRF)	12.15	8.1	11/02/2025
Affiliate Links Lite<= 3.1.0 Cross Site Scripting (XSS)	14.2	7.1	05/02/2025
Activity Reactions For Buddypress<= 1.0.22 Cross Site Scripting (XSS)	14.2	7.1	28/02/2025
Zephyr Project Manager<= 3.3.101 Cross Site Scripting (XSS)	14.2	7.1	27/11/2024
EventON<= 2.4 Local File Inclusion	52.8	8.8	21/01/2025
IDonate<= 2.1.18 Local File Inclusion	48.6	8.1	31/10/2024
Fami WooCommerce Compare<= 1.0.5 Local File Inclusion	45	7.5	24/02/2025
Bulk NoIndex & NoFollow Toolkit<= 2.16 Cross Site Scripting (XSS)	14.2	7.1	15/02/2025
Actionwear products sync<= 2.3.3 SQL Injection	17	8.5	17/12/2024
InstaWP Connect<= 0.1.0.82 Local File Inclusion	90	7.5	06/02/2025
Accounting for WooCommerce<= 1.6.8 Local File Inclusion	51.75	7.5	17/02/2025
Hide My WP Ghost<= 5.4.01 Local File Inclusion	288	9.6	25/02/2025
GetShop ecommerce<= 1.3 Local File Inclusion	48.6	8.1	29/10/2024
HUSKY<= 1.3.6.4 Local File Inclusion	90	7.5	07/02/2025
WC Place Order Without Payment<= 2.6.7 Local File Inclusion	45	7.5	07/02/2025
Funnel Builder by FunnelKit<= 3.9.0 Local File Inclusion	90	7.5	02/02/2025
Web Accessibility By accessiBe<= 2.5 Cross Site Scripting (XSS)	14.2	7.1	03/02/2025
Frontend Admin by DynamiApps<= 3.25.17 Cross Site Scripting (XSS)	14.2	7.1	03/02/2025
Atarim<= 4.1.0 Cross Site Scripting (XSS)	16.33	7.1	06/02/2025
Adsmonetizer<= 3.2.4 Cross Site Scripting (XSS)	14.2	7.1	04/02/2025
FULL Customer<= 3.1.26 Local File Inclusion	90	7.5	21/01/2025
Calculator Builder<= 1.6.2 Local File Inclusion	45	7.5	18/01/2025
Appointment Buddy Widget<= 1.2 Cross Site Scripting (XSS)	N/A	7.1	30/10/2024
Image Rotator<= 2.0 Cross Site Scripting (XSS)	N/A	7.1	30/10/2024
All push notification for WP<= 1.5.3 Cross Site Scripting (XSS)	N/A	7.1	30/10/2024
Fami Sales Popup<= 2.0.0 Local File Inclusion	45	7.5	21/01/2025
Delete Comments By Status<= 2.1.1 Local File Inclusion	45	7.5	21/01/2025
Morkva UA Shipping<= 1.0.18 Local File Inclusion	48.6	8.1	29/12/2024
Admin Options Pages<= 0.9.7 Cross Site Scripting (XSS)	14.2	7.1	16/12/2024
4 author cheer up donate<= 1.3 Cross Site Scripting (XSS)	14.2	7.1	29/10/2024
FAT Event Lite<= 1.1 Local File Inclusion	48.6	8.1	24/12/2024
Rezgo<= 4.17 Local File Inclusion	48.6	8.1	31/10/2024
Build App Online<= 1.0.23 Local File Inclusion	58.8	9.8	31/10/2024
Food Store – Online Food Delivery & Pickup<= 1.5.4 Cross Site Scripting (XSS)	14.2	7.1	25/07/2024
DirectoryPress<= 3.6.19 Cross Site Request Forgery (CSRF)	3.15	7.1	30/06/2024
Wp advertising management<= 1.0.3 Cross Site Scripting (XSS)	14.2	7.1	30/10/2024
AcyMailing SMTP Newsletter< 9.11.1 Cross Site Scripting (XSS)	14.2	7.1	30/11/2024
WP24 Domain Check<= 1.10.14 Cross Site Scripting (XSS)	14.2	7.1	26/11/2024
Ads Booster by Ads Pro<= 1.12 Local File Inclusion	48.6	8.1	29/10/2024
MDTF<= 1.3.3.4 Bypass Vulnerability	14.6	7.3	25/09/2024
CURCY<= 2.2.3 Cross Site Scripting (XSS)	14.2	7.1	29/08/2024
Robokassa payment gateway for Woocommerce<= 1.6.1 Cross Site Scripting (XSS)	14.2	7.1	25/08/2024
BA Book Everything<= 1.6.20 Cross Site Scripting (XSS)	28.4	7.1	26/06/2024
WP Bulk Delete<= 1.3.1 Cross Site Scripting (XSS)	42.6	7.1	24/09/2024
YellowPencil Visual CSS Style Editor<= 7.6.4 Cross Site Scripting (XSS)	42.6	7.1	26/09/2024
Loops & Logic<= 4.1.4 Cross Site Scripting (XSS)	14.2	7.1	28/08/2024
Share This Image<= 2.01 Cross Site Scripting (XSS)	14.2	7.1	26/08/2024
SKT Templates – Elementor & Gutenberg templates<= 6.14 Cross Site Scripting (XSS)	14.2	7.1	27/08/2024
Invite Anyone<= 1.4.7 Cross Site Scripting (XSS)	14.2	7.1	26/07/2024
Child Theme Creator<= 1.5.4 Cross Site Scripting (XSS)	14.2	7.1	29/07/2024
Post Grid Master<= 3.4.10 Cross Site Scripting (XSS)	14.2	7.1	25/06/2024
Message Filter for Contact Form 7<= 1.6.1.1 Cross Site Scripting (XSS)	14.2	7.1	30/06/2024
Custom 404 Pro<= 3.11.1 Cross Site Scripting (XSS)	32.66	7.1	30/06/2024
Zoho CRM Lead Magnet<= 1.7.8.8 Cross Site Scripting (XSS)	24.85	7.1	22/02/2024
Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps<= 1.36.12 Cross Site Scripting (XSS)	14.2	7.1	26/04/2024
Multisite Content Copier/Updater<= 2.0.0 Cross Site Scripting (XSS)	24.85	7.1	28/02/2024
AdPush<= 1.50 Cross Site Scripting (XSS)	24.85	7.1	26/02/2024
Simple Responsive Slider<= 0.2.2.5 Cross Site Scripting (XSS)	14.2	7.1	28/05/2024
MBE eShip<= 2.2.4 Cross Site Scripting (XSS)	14.2	7.1	28/05/2024
WP Directory Kit<= 1.3.5 Cross Site Scripting (XSS)	14.2	7.1	25/06/2024
bbPress Notify<= 2.18.3 Cross Site Scripting (XSS)	14.2	7.1	26/06/2024
Social Rocket<= 1.3.3 Cross Site Scripting (XSS)	14.2	7.1	28/05/2024
All In One Redirection<= 2.2.0 Cross Site Scripting (XSS)	24.85	7.1	22/02/2024
WPPizza<= 3.18.13 Cross Site Scripting (XSS)	14.2	7.1	28/05/2024
Link Library<= 7.6.3 Cross Site Scripting (XSS)	14.2	7.1	28/02/2024
GiveWP<= 3.12.0 Cross Site Scripting (XSS)	56.8	7.1	29/04/2024
FV Flowplayer Video Player<= 7.5.45.7212 Cross Site Scripting (XSS)	28.4	7.1	26/04/2024
Landing Page Builder<= 1.5.1.8 Cross Site Scripting (XSS)	14.2	7.1	22/03/2024
Webpushr<= 4.35.0 Cross Site Scripting (XSS)	14.2	7.1	25/01/2024
RegistrationMagic<= 5.3.2.0 Cross Site Scripting (XSS)	14.2	7.1	27/03/2024
WPify Woo Czech<= 4.0.10 Cross Site Scripting (XSS)	14.2	7.1	27/03/2024
Sliding Widgets<= 1.5.0 Broken Access Control	6.5	6.5	03/01/2024
Xserver Migrator<= 1.6.2 Cross Site Request Forgery (CSRF)	4.8	9.6	05/01/2024
Sticky Anything<= 2.1.5 Broken Access Control	14.2	7.1	05/01/2024
Easy Set Favicon<= 1.1 Cross Site Scripting (XSS)	14.2	7.1	03/01/2024
LearnPress Export Import<= 4.0.3 Cross Site Scripting (XSS)	14.2	7.1	18/01/2024
Slider by 10Web<= 1.2.54 Cross Site Scripting (XSS)	28.4	7.1	25/01/2024
eCommerce Product Catalog<= 3.3.32 Cross Site Scripting (XSS)	24.85	7.1	27/02/2024
Related Posts for WordPress<= 4.0.3 Cross Site Request Forgery (CSRF)	3.55	7.1	06/01/2024

Report vulnerabilities to earn bounties and rewards!

Include pending