benzdeus

786.29

XP

45

Reports

5

Reports, last 90 days

#50

3 Apr, 2026

🇹🇭

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Website LLMs.txt<= 8.2.6 Cross Site Scripting (XSS)	28.4	7.1	12/12/2025
WP Booking System<= 2.0.19.12 Sensitive Data Exposure	11.6	5.8	05/12/2025
WP Food< 2.7.1 Broken Access Control	7.95	5.3	31/01/2026
SMS Alert Order Notifications<= 3.9.0 Broken Access Control	12.42	5.4	19/01/2026
Editorial Calendar<= 3.9.0 Cross Site Scripting (XSS)	5.61	6.5	16/01/2026
WooODT Lite<= 2.5.2 Bypass Vulnerability	11.25	7.5	29/11/2025
WP Job Portal<= 2.4.4 Broken Access Control	34.5	7.5	29/10/2025
ELEX WordPress HelpDesk & Customer Ticketing System<= 3.3.5 Broken Access Control	3.25	6.5	15/11/2025
FluentCart< 1.3.0 Cross Site Scripting (XSS)	14.2	7.1	15/11/2025
FluentForm<= 6.1.14 Broken Access Control	29.67	4.3	26/12/2025
WPElemento Importer<= 0.6.4 Broken Access Control	4.3	4.3	25/12/2025
Tabby Checkout<= 5.8.4 Sensitive Data Exposure	15	7.5	08/11/2025
Contact Form & Lead Form Elementor Builder<= 2.0.1 Sensitive Data Exposure	6.5	6.5	31/10/2025
Simply Schedule Appointments<= 1.6.9.15 Broken Access Control	39	6.5	31/10/2025
HurryTimer<= 2.14.2 Cross Site Scripting (XSS)	2.95	5.9	12/12/2025
myCred<= 2.9.7.3 Broken Access Control	9.89	4.3	20/11/2025
User Submitted Posts<= 20251121 Open Redirection	9.4	4.7	02/12/2025
Hotel Booking<= 3.8 Broken Access Control	10.6	5.3	28/10/2025
HR Management Lite<= 3.6 Broken Access Control	N/A	5.4	28/11/2025
Astra Widgets<= 1.2.16 Cross Site Scripting (XSS)	16.96	5.9	28/11/2025
Stratum<= 1.6.1 Broken Access Control	8.6	4.3	27/11/2025
Five Star Restaurant Reservations<= 2.7.8 Cross Site Request Forgery (CSRF)	0.68	5.4	24/11/2025
WPBulky<= 1.1.13 SQL Injection	17.48	7.6	29/11/2025
HAPPY<= 1.0.9 Broken Access Control	24.38	5.3	25/11/2025
WCFM – Frontend Manager for WooCommerce<= 6.7.24 Broken Access Control	3.11	2.7	16/11/2025
WCFM Marketplace<= 3.7.1 Broken Access Control	5.64	4.9	16/11/2025
Multi-Step Checkout for WooCommerce<= 2.33 Cross Site Scripting (XSS)	N/A	6.5	21/11/2025
WP AI CoPilot<= 1.2.7 Sensitive Data Exposure	3.75	5	08/11/2025
WP EasyCart<= 5.8.11 Sensitive Data Exposure	10.6	5.3	08/11/2025
WPKoi Templates for Elementor<= 3.4.4 Broken Access Control	9.89	4.3	06/11/2025
SMS Alert Order Notifications<= 3.8.8 Broken Access Control	24.38	5.3	05/11/2025
LearnPress<= 4.2.9.4 Broken Access Control	45	7.5	31/10/2025
JetFormBuilder<= 3.5.3 Broken Access Control	79.5	5.3	30/10/2025
KiviCare<= 3.6.13 SQL Injection	19.55	8.5	28/10/2025
Hotel Booking Lite<= 5.2.3 Remote Code Execution (RCE)	27.3	9.1	26/10/2025

Report vulnerabilities to earn bounties and rewards!

Include pending