theviper17

1,421.91

XP

183

Reports

0

Reports, last 90 days

#15

3 Apr, 2026

🇩🇿

Lvl 4

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Vertex Addons for Elementor<= 1.6.4 Broken Access Control	6.5	6.5	31/12/2025
Product Slider for WooCommerce<= 1.13.61 Broken Access Control	7.48	6.5	19/12/2025
My auctions allegro<= 3.6.35 Cross Site Scripting (XSS)	10.65	7.1	08/12/2025
Email Inquiry & Cart Options for WooCommerce<= 3.4.3 Cross Site Scripting (XSS)	3.66	6.5	27/12/2025
Nova Blocks<= 2.1.9 Cross Site Scripting (XSS)	5.61	6.5	27/12/2025
WP Bannerize Pro<= 1.11.0 Broken Access Control	7.95	5.3	26/12/2025
Omnipress<= 1.6.7 Cross Site Scripting (XSS)	3.66	6.5	26/12/2025
Omnipress<= 1.6.7 Local File Inclusion	8.44	7.5	25/12/2025
Blockons<= 1.2.19 Cross Site Scripting (XSS)	3.66	6.5	24/12/2025
Textmetrics<= 3.6.5 Content Injection	4.95	4.3	22/12/2025
B Accordion<= 2.0.2 Sensitive Data Exposure	5.61	6.5	22/12/2025
iNET Webkit<= 1.2.4 Broken Access Control	4.88	6.5	22/12/2025
Extend Link<= 2.0.0 Server Side Request Forgery (SSRF)	3.68	4.9	22/12/2025
UX Flat<= 5.4.0 Cross Site Scripting (XSS)	4.88	6.5	21/12/2025
Bold Page Builder<= 5.6.9 Cross Site Scripting (XSS)	14.63	6.5	21/12/2025
Visual Link Preview<= 2.2.9 Broken Access Control	4.88	6.5	19/12/2025
Hyyan WooCommerce Polylang Integration<= 1.5.0 Broken Access Control	4.88	6.5	19/12/2025
Ninja Tables<= 5.2.5 Sensitive Data Exposure	11.13	4.3	19/12/2025
HDForms<= 1.6.1 Arbitrary File Deletion	25.8	8.6	16/09/2025
iThemes Sync<= 3.2.8 Broken Access Control	6.45	4.3	12/12/2025
WP Popups<= 2.2.0.5 Broken Access Control	9.75	6.5	12/12/2025
Block Slider<= 2.2.3 Broken Access Control	4.88	6.5	08/12/2025
WPAdverts<= 2.3.0 Broken Access Control	4.88	6.5	08/12/2025
My auctions allegro<= 3.6.33 Local File Inclusion	8.44	7.5	05/12/2025
WP Delicious<= 1.9.1 Broken Access Control	4.88	6.5	10/10/2025
WordPress Image shrinker<= 1.1.0 Server Side Request Forgery (SSRF)	N/A	4.9	28/08/2025
Icegram Express Pro<= 5.9.5 Server Side Request Forgery (SSRF)	N/A	4.4	27/08/2025
Icegram Express Pro< 5.9.14 PHP Object Injection	N/A	7.2	27/08/2025
HT Mega – Absolute Addons for WPBakery Page Builder<= 1.0.9 Cross Site Scripting (XSS)	4.88	6.5	06/07/2025
WP-Members<= 3.5.4.2 Cross Site Scripting (XSS)	12.38	5.5	22/07/2025
Flexible PDF Invoices for WooCommerce & WordPress<= 6.0.13 Cross Site Request Forgery (CSRF)	3.55	7.1	23/07/2025
WP Social Widget<= 2.3.1 Cross Site Scripting (XSS)	4.88	6.5	23/07/2025
WP Subtitle<= 3.4.1 Cross Site Scripting (XSS)	4.88	6.5	24/07/2025
Compact Archives<= 4.1.0 Cross Site Scripting (XSS)	4.88	6.5	26/07/2025
GD bbPress Tools<= 3.5.3 Cross Site Scripting (XSS)	4.88	6.5	26/07/2025
Nextend Facebook Connect <= 3.1.19 Cross Site Scripting (XSS)	24.38	6.5	30/07/2025
Card Elements for WPBakery<= 1.0.8 Cross Site Scripting (XSS)	3.66	6.5	30/07/2025
Front End Users<= 3.2.35 Cross Site Scripting (XSS)	3.66	6.5	31/07/2025
Highlight and Share<= 5.1.1 Cross Site Scripting (XSS)	3.66	6.5	07/08/2025
Events Manager – OpenStreetMaps<= 4.2.1 Cross Site Scripting (XSS)	3.66	6.5	08/08/2025
Simple JWT Login<= 3.6.4 Cross Site Scripting (XSS)	4.88	6.5	10/08/2025
코드엠샵 소셜톡<= 1.2.2 Cross Site Scripting (XSS)	3.66	6.5	28/06/2025
WP Publication Archive <= 3.0.1 Cross Site Scripting (XSS)	3.66	6.5	28/06/2025
Get Cash<= 3.2.3 Cross Site Scripting (XSS)	3.66	6.5	28/06/2025
Stagtools<= 2.3.8 Cross Site Scripting (XSS)	4.88	6.5	09/06/2025
Kiwi<= 2.1.8 Cross Site Scripting (XSS)	4.88	6.5	24/06/2025
Gallery PhotoBlocks<= 1.3.1 Cross Site Scripting (XSS)	4.88	6.5	10/08/2025
Chatbox Manager<= 1.2.6 Cross Site Scripting (XSS)	3.66	6.5	28/06/2025
Page Manager for Elementor<= 2.0.5 Broken Access Control	3.8	7.6	22/05/2025
WPAvatar<= 1.9.4 Cross Site Scripting (XSS)	3.66	6.5	07/08/2025
Statify Widget<= 1.4.6 Cross Site Scripting (XSS)	4.88	6.5	11/08/2025
WP Voting Contest<= 5.8 Broken Access Control	11.25	7.5	22/07/2025
Essential Doo Components for Visual Composer<= 1.9 Cross Site Scripting (XSS)	3.66	6.5	06/07/2025
CodeablePress<= 1.0.2 Broken Access Control	N/A	4.3	30/05/2025
Build App Online<= 1.0.23 Cross Site Request Forgery (CSRF)	2.44	6.5	30/05/2025
WP Table Builder<= 2.0.12 Cross Site Scripting (XSS)	14.63	6.5	25/06/2025
Neon Channel Product Customizer Free<= 2.0 Arbitrary Content Deletion	7.5	7.5	19/06/2025
Hide Text Shortcode<= 1.1 Cross Site Scripting (XSS)	3.66	6.5	28/06/2025
Project Cost Calculator<= 1.0.0 Broken Access Control	3.55	7.1	20/05/2025
SMM API<= 6.0.31 Broken Access Control	3.55	7.1	20/05/2025
Code Engine<= 0.3.3 Remote Code Execution (RCE)	16.71	9.9	29/06/2025
Product XML Feed Manager for WooCommerce<= 2.9.3 Remote Code Execution (RCE)	14.85	9.9	15/05/2025
StoreKeeper for WooCommerce<= 14.4.4 Arbitrary File Upload	30	10	20/06/2025
AI Tools<= 4.0.7 Arbitrary Content Deletion	3.25	6.5	19/05/2025
Bold Page Builder<= 5.4.1 Cross Site Scripting (XSS)	14.63	6.5	25/06/2025
PW WooCommerce On Sale!<= 1.39 Broken Access Control	3.55	7.1	20/05/2025
WP DB Booster<= 1.0.1 Broken Access Control	N/A	5.4	23/05/2025
HT Mega – Absolute Addons for WPBakery Page Builder<= 1.0.8 Cross Site Scripting (XSS)	4.88	6.5	09/06/2025
HT Slider For Elementor<= 1.6.5 Cross Site Scripting (XSS)	4.88	6.5	11/06/2025
Abandoned Contact Form 7<= 2.2 Broken Access Control	8.2	8.2	20/05/2025
Enhanced Blocks – Page Builder Blocks for Gutenberg<= 1.4.1 Broken Access Control	3.25	6.5	21/05/2025
WPComplete<= 2.9.5 Cross Site Scripting (XSS)	4.88	6.5	17/05/2025
AIO WP Builder<= 2.0.2 Broken Access Control	3.8	7.6	19/05/2025
Audio Editor & Recorder<= 2.2.1 Broken Access Control	N/A	5.3	21/05/2025
SocialMark<= 2.0.7 Server Side Request Forgery (SSRF)	4.9	4.9	28/04/2025
Contact Form<= 2.0.12 Cross Site Scripting (XSS)	4.88	6.5	28/04/2025
Nexa Blocks<= 1.1.1 Server Side Request Forgery (SSRF)	3.68	4.9	02/05/2025
Mega Menu Block<= 1.0.6 Cross Site Scripting (XSS)	4.88	6.5	30/04/2025
RS WP Book Showcase<= 6.7.59 Content Injection	10.6	5.3	12/04/2025
Display Remote Posts Block<= 1.1.0 Server Side Request Forgery (SSRF)	4.8	6.4	30/04/2025
Easy Replace Image<= 3.5.0 Server Side Request Forgery (SSRF)	3.68	4.9	30/04/2025
SKT Skill Bar<= 2.4 Cross Site Scripting (XSS)	4.88	6.5	19/04/2025
GS Testimonial Slider<= 3.2.9 Content Injection	10.6	5.3	12/04/2025
Posts for Page<= 2.1 Cross Site Scripting (XSS)	4.88	6.5	20/04/2025
WPCafe<= 2.2.32 Local File Inclusion	16.88	7.5	23/03/2025
BERTHA AI<= 1.12.10.2 Arbitrary Content Deletion	7.1	7.1	30/03/2025
WP Flipclock<= 1.9.1 Cross Site Scripting (XSS)	4.88	6.5	18/10/2024
Eventin<= 4.0.25 Local File Inclusion	16.88	7.5	20/03/2025
Real Estate Manager<= 7.3 Arbitrary Code Execution	14.6	7.3	31/12/2024
Solace Extra<= 1.3.1 Arbitrary File Upload	29.7	9.9	16/02/2025
WP Food ordering and Restaurant Menu<= 2.7 Local File Inclusion	48.6	8.1	29/03/2025
Woo Product Feed For Marketing Channels<= 1.9.0 Broken Access Control	5.63	7.5	29/03/2025
Waymark<= 1.5.2 Server Side Request Forgery (SSRF)	3.68	4.9	31/03/2025
Waymark<= 1.5.3 Cross Site Scripting (XSS)	4.88	6.5	31/03/2025
WP shop<= 2.6.1 Cross Site Request Forgery (CSRF)	14.4	9.6	24/12/2024
Bulk Product Sync<= 8.6 SQL Injection	37.2	9.3	28/12/2024
Accessibility Suite<= 4.18 Arbitrary File Upload	19.5	6.5	20/09/2024
Revive.so<= 2.0.3 Broken Access Control	4.3	4.3	30/12/2024
Contact Form Builder by vcita<= 4.10.2 Cross Site Scripting (XSS)	4.88	6.5	20/09/2024
Video Playlist For YouTube<= 6.7.1 Cross Site Scripting (XSS)	4.88	6.5	20/11/2024

Report vulnerabilities to earn bounties and rewards!

Include pending