NumeX

Say thanks

890.94

XP

46

Reports

1

Reports, last 90 days

#57

3 Apr, 2026

🇮🇩

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
WPJAM Basic<= 6.9.2 Arbitrary File Upload	68.31	9.9	24/01/2026
Widget Wrangler<= 2.3.9 Remote Code Execution (RCE)	13.65	9.1	21/12/2025
WP System Log<= 1.2.7 Broken Access Control	6.5	6.5	21/12/2025
Mobile App Editor<= 1.3.1 Arbitrary File Upload	6.83	9.1	12/12/2025
PitchPrint<= 11.1.2 Arbitrary File Deletion	22.5	7.5	09/12/2025
WBW Currency Switcher for WooCommerce<= 2.2.5 Broken Access Control	24.38	5.3	24/01/2026
Aruba HiSpeed Cache<= 3.0.4 Broken Access Control	52	6.5	13/11/2025
Download Manager Addons for Elementor<= 1.3.0 SQL Injection	37.2	9.3	27/11/2025
LottieFiles<= 3.0.0 Broken Access Control	14.6	7.3	23/11/2025
Sync Master Sheet – Product Sync with Google Sheet for WooCommerce<= 1.1.3 Broken Access Control	7.5	7.5	21/11/2025
Plugin BlueX for WooCommerce<= 3.1.6 Broken Access Control	14.6	7.3	20/11/2025
Authorsy<= 1.0.6 Insecure Direct Object References (IDOR)	15	7.5	18/11/2025
Shiprocket<= 2.0.8 Insecure Direct Object References (IDOR)	7.5	7.5	19/11/2025
Leadpages<= 1.1.3 Broken Access Control	13	6.5	18/11/2025
ConveyThis<= 269.8 Broken Access Control	13	6.5	18/11/2025
WPLegalPages<= 3.5.4 Broken Access Control	15	7.5	16/11/2025
NextMove Lite<= 2.23.0 Broken Access Control	17.25	7.5	15/11/2025
UPI QR Code Payment Gateway for WooCommerce<= 1.5.1 Broken Access Control	29.9	6.5	14/11/2025
MailerLite – WooCommerce integration<= 3.1.2 SQL Injection	74.4	9.3	04/11/2025
Scalenut<= 1.1.5 Broken Access Control	7.5	7.5	04/11/2025
Order Listener for WooCommerce<= 3.6.1 Broken Access Control	18.8	9.4	30/10/2025
onepay Payment Gateway For WooCommerce<= 1.1.2 Other Vulnerability Type	13	6.5	23/10/2025
Creator LMS<= 1.1.12 Broken Access Control	N/A	5.3	11/12/2025
Accordion<= 3.0.3 Cross Site Scripting (XSS)	2.95	5.9	08/12/2025
Owl Carousel WP<= 2.2.2 Cross Site Scripting (XSS)	2.95	5.9	02/12/2025
AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One<= 1.1.7 Broken Access Control	3.71	4.3	01/11/2025
WP Advanced PDF<= 1.1.7 Other Vulnerability Type	10.8	5.4	23/10/2025
AweBooking<= 3.2.26 Sensitive Data Exposure	6.5	6.5	05/10/2025
Youzify<= 1.3.7 Server Side Request Forgery (SSRF)	4.9	4.9	27/11/2025
Widgets for Social Photo Feed<= 1.8 Broken Access Control	10.6	5.3	23/11/2025
Bit Assist<= 1.5.11 Broken Access Control	12.19	5.3	19/11/2025
FAPI Member<= 2.2.29 Insecure Direct Object References (IDOR)	7.95	5.3	16/11/2025
Wbcom Designs<= 2.1.1 Broken Access Control	N/A	5.3	20/11/2025
LA-Studio Element Kit for Elementor< 1.5.6.3 Broken Access Control	19.78	4.3	15/11/2025
Pochipp<= 1.18.0 Broken Access Control	10.6	5.3	14/11/2025
Sendinblue for WooCommerce<= 4.0.49 Broken Access Control	10.6	5.3	14/11/2025
Prime Slider – Addons For Elementor<= 4.0.10 Server Side Request Forgery (SSRF)	45.08	4.9	13/11/2025
Yandex.Metrica<= 1.2.2 Broken Access Control	31.8	5.3	07/11/2025
Hype<= 1.0.5 Broken Access Control	N/A	5.3	04/11/2025
Subscriptions & Memberships for PayPal<= 1.1.7 Broken Access Control	10.6	5.3	29/10/2025
Google XML Sitemaps<= 4.1.22 Broken Access Control	74.2	5.3	22/08/2025
Progress Planner<= 1.8.0 Privilege Escalation	35.64	8.8	02/10/2025
Gallery Custom Links<= 2.2.5 Cross Site Scripting (XSS)	5.9	5.9	26/08/2025

Report vulnerabilities to earn bounties and rewards!

Include pending