Peng Zhou

642.57

XP

43

Reports

0

Reports, last 90 days

#7

3 Apr, 2026

🇨🇳

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
WordPress Tag Cloud Plugin – Tag Groups<= 2.0.3 Sensitive Data Exposure	10.6	5.3	31/03/2024
Masterstudy LMS Starter<= 1.1.8 Sensitive Data Exposure	10.6	5.3	19/03/2024
WP SMS<= 6.9.3 Broken Access Control	10.6	5.3	28/03/2024
Create by Mediavine<= 1.9.8 Sensitive Data Exposure	10.6	5.3	29/03/2024
Store Locator Plus<= 2311.17.01 Sensitive Data Exposure	10.6	5.3	30/03/2024
DirectoryPress<= 3.6.10 SQL Injection	9.56	8.5	17/02/2024
Olive One Click Demo Import<= 1.1.2 Sensitive Data Exposure	10.6	5.3	28/02/2024
Realtyna Organic IDX plugin<= 4.14.13 Arbitrary File Upload	N/A	9.1	06/03/2024
Import Spreadsheets from Microsoft Excel<= 10.1.4 Arbitrary File Upload	13.65	9.1	17/02/2024
Seraphinite Post .DOCX Source<= 2.16.9 Server Side Request Forgery (SSRF)	7.1	7.1	13/02/2024
Seraphinite Post .DOCX Source<= 2.16.9 Broken Access Control	4.3	4.3	13/02/2024
WP2Speed Faster<= 1.0.1 Sensitive Data Exposure	10.6	5.3	31/03/2024
Generate PDF using Contact Form 7<= 4.1.2 Cross Site Request Forgery (CSRF)	N/A	9.6	06/03/2024
FileBird Document Library<= 2.0.6 Sensitive Data Exposure	10.6	5.3	03/04/2024
Tablesome<= 1.0.33 Sensitive Data Exposure	10.6	5.3	29/03/2024
Church Admin<= 4.4.6 Arbitrary File Upload	34.16	9.9	20/02/2024
Newsletters<= 4.9.7 Cross Site Request Forgery (CSRF)	2.15	4.3	29/02/2024
Podlove Web Player<= 5.7.3 Sensitive Data Exposure	10.6	5.3	30/03/2024
FundEngine<= 1.6.4 Broken Access Control	10.6	5.3	02/04/2024
Gutenify<= 1.4.0 Sensitive Data Exposure	10.6	5.3	30/03/2024
Filebird<= 5.6.3 Sensitive Data Exposure	53	5.3	25/03/2024
Academy LMS<= 1.9.25 Sensitive Data Exposure	10.6	5.3	03/04/2024
ShopBuilder – Elementor WooCommerce Builder Addons<= 2.1.8 Sensitive Data Exposure	10.6	5.3	04/04/2024
MC Woocommerce Wishlist<= 1.7.8 Broken Access Control	10.6	5.3	03/04/2024
WP Job Manager<= 2.2.2 Sensitive Data Exposure	42.4	5.3	26/03/2024
weDocs<= 2.1.4 Broken Access Control	10.6	5.3	30/03/2024
SEOPress<= 7.7.1 Insecure Direct Object References (IDOR)	53	5.3	27/03/2024
Robo Gallery<= 3.2.18 Sensitive Data Exposure	31.8	5.3	28/03/2024
Newsletters<= 4.9.5 Arbitrary File Upload	N/A	9.1	06/03/2024
Newsletters<= 4.9.5 Sensitive Data Exposure	15	7.5	29/02/2024
Post Grid and Gutenberg Blocks<= 2.2.78 Sensitive Data Exposure	45	7.5	22/03/2024
Hummingbird<= 3.7.3 Broken Access Control	39.56	4.3	25/03/2024
AWP Classifieds<= 4.3.1 Cross Site Request Forgery (CSRF)	2.15	4.3	07/02/2024
Podlove Podcast Publisher<= 4.0.12 SQL Injection	9.56	8.5	10/02/2024
Church Admin<= 4.1.6 Broken Access Control	7.25	6.3	16/02/2024
Church Admin<= 4.1.5 Arbitrary File Upload	34.16	9.9	15/02/2024
Shortcode Addons<= 3.2.5 Arbitrary File Upload	N/A	9.1	23/02/2024
CubeWP<= 1.1.12 Arbitrary File Upload	29.7	9.9	28/02/2024
Church Admin<= 4.1.7 Cross Site Request Forgery (CSRF)	2.47	4.3	15/02/2024
WP SMS<= 6.6.2 Cross Site Request Forgery (CSRF)	2.15	4.3	06/03/2024
Tumult Hype Animations<= 1.9.12 Arbitrary File Upload	13.65	9.1	04/02/2024
Tainacan<= 0.20.6 Sensitive Data Exposure	10.6	5.3	18/02/2024

Report vulnerabilities to earn bounties and rewards!

Include pending