Abdi Pranata

Say thanks

3,695.50

XP

485

Reports

0

Reports, last 90 days

#25

3 Apr, 2026

🇮🇩

Lvl 6

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Spotlight - Social Media Feeds (Premium)<= 1.7.1 Sensitive Data Exposure	10.6	5.3	21/01/2025
TableOn<= 1.0.3 Cross Site Scripting (XSS)	14.2	7.1	31/12/2024
Listings for Buildium<= 0.1.5 Cross Site Request Forgery (CSRF)	3.55	7.1	14/01/2025
Restrict User Registration<= 1.0.1 Cross Site Scripting (XSS)	14.2	7.1	18/02/2025
WP AutoKeyword<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	26/12/2024
WP SmartPay<= 2.8.2 Other Vulnerability Type	15	7.5	09/03/2025
Coming Soon Countdown<= 2.2 Cross Site Scripting (XSS)	14.2	7.1	26/12/2024
WP w3all phpBB<= 2.9.9 Cross Site Request Forgery (CSRF)	3.55	7.1	24/12/2024
DeBounce Email Validator<= 5.7.1 Cross Site Request Forgery (CSRF)	3.55	7.1	26/12/2024
WordPress Spam Blocker<= 2.0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	26/12/2024
WP Abstracts<= 2.7.5 Cross Site Request Forgery (CSRF)	3.55	7.1	31/12/2024
Foliopress WYSIWYG<= 2.6.18 Cross Site Request Forgery (CSRF)	3.55	7.1	19/01/2025
User Session Synchronizer<= 1.4.0 Cross Site Request Forgery (CSRF)	3.55	7.1	20/01/2025
Nimbata Call Tracking<= 1.7.4 Cross Site Request Forgery (CSRF)	3.55	7.1	22/01/2025
Multiple Location Google Map<= 1.1 Cross Site Request Forgery (CSRF)	3.55	7.1	22/01/2025
KeyCAPTCHA<= 2.5.1 Cross Site Request Forgery (CSRF)	3.55	7.1	23/01/2025
WP Map Route Planner<= 1.0.0 Cross Site Request Forgery (CSRF)	3.55	7.1	23/01/2025
PlainInventory<= 3.1.9 Cross Site Request Forgery (CSRF)	3.55	7.1	25/01/2025
Czater.pl – live chat i telefon<= 1.0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	27/01/2025
1 Click WordPress Migration<= 2.5.7 Sensitive Data Exposure	10.6	5.3	23/12/2024
Social Share Buttons & Analytics Plugin – GetSocial.io<= 4.5 Broken Access Control	4.3	4.3	12/07/2024
TableOn<= 1.0.5.1 Broken Access Control	N/A	5.4	31/12/2024
Team Builder<= 1.3 Cross Site Scripting (XSS)	14.2	7.1	22/01/2025
MyBookProgress by Stormhill Media<= 1.0.8 Cross Site Scripting (XSS)	6.5	6.5	31/12/2024
Contact Form vCard Generator<= 2.4 Cross Site Scripting (XSS)	14.2	7.1	15/01/2025
PeproDev CF7 Database<= 2.0.0 Cross Site Scripting (XSS)	14.2	7.1	20/01/2025
JSON Structuring Markup<= 0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	25/02/2025
WP Clone any post type<= 3.6 Broken Access Control	10.6	5.3	23/12/2024
WP Clone any post type<= 3.6 Unvalidated Redirects and Forwards	9.4	4.7	23/12/2024
SMM API<= 6.0.31 Cross Site Scripting (XSS)	13	6.5	14/01/2025
Theme Duplicator<= 1.1 Cross Site Request Forgery (CSRF)	2.15	4.3	24/12/2024
Viral Loops WP Integration<= 3.4.0 Sensitive Data Exposure	N/A	5.3	28/12/2024
ACF City Selector<= 1.17.0 Sensitive Data Exposure	N/A	5.3	19/01/2025
Mobile App Canvas<= 3.8.2 Broken Access Control	N/A	5.4	31/12/2024
Pin Generator<= 2.0.0 Broken Access Control	N/A	5.4	28/12/2024
Fonts Manager \| Custom Fonts<= 1.2 Cross Site Scripting (XSS)	14.2	7.1	19/01/2025
LeadLab by wiredminds<= 1.3 Cross Site Scripting (XSS)	14.2	7.1	25/01/2025
The Logo Slider<= 1.0.0 Cross Site Scripting (XSS)	14.2	7.1	22/01/2025
RJ Quickcharts<= 0.6.1 SQL Injection	17	8.5	21/01/2025
Leadfox for WordPress<= 2.1.9 Cross Site Request Forgery (CSRF)	3.55	7.1	14/01/2025
WP Copy Media URL<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	15/01/2025
Related Posts Widget with Thumbnails<= 1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	23/01/2025
wordpress related Posts with thumbnails<= 3.0.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	23/01/2025
Rio Video Gallery<= 2.3.6 Cross Site Request Forgery (CSRF)	3.55	7.1	25/01/2025
Kento WordPress Stats<= 1.1 Cross Site Scripting (XSS)	14.2	7.1	28/02/2025
Store Locator Widget<= 2025r2 Cross Site Request Forgery (CSRF)	3.55	7.1	30/12/2024
Map Contact<= 3.0.4 Cross Site Request Forgery (CSRF)	3.55	7.1	09/03/2025
LH OGP Meta<= 1.73 Cross Site Request Forgery (CSRF)	3.55	7.1	09/03/2025
cTabs<= 1.3 Cross Site Request Forgery (CSRF)	3.55	7.1	09/03/2025
Pro Rank Tracker<= 1.0.0 Cross Site Request Forgery (CSRF)	3.55	7.1	09/03/2025
ANAC XML Render<= 1.5.7 Cross Site Request Forgery (CSRF)	3.55	7.1	28/02/2025
WordPres 同步微博<= 1.1.0 Cross Site Request Forgery (CSRF)	3.55	7.1	28/02/2025
Omnify<= 2.0.3 Cross Site Scripting (XSS)	14.2	7.1	25/02/2025
Fiverr.com Official Search Box<= 1.0.8 Cross Site Scripting (XSS)	6.5	6.5	25/02/2025
Arrow Maps<= 1.0.9 Cross Site Scripting (XSS)	14.2	7.1	28/02/2025
Teleport<= 1.2.4 Cross Site Scripting (XSS)	14.2	7.1	28/02/2025
Cookies Pro<= 1.0 Cross Site Scripting (XSS)	14.2	7.1	31/01/2025
Zalo Live Chat<= 1.1.0 Cross Site Scripting (XSS)	14.2	7.1	31/01/2025
GDPR Tools<= 1.0.2 Cross Site Scripting (XSS)	6.5	6.5	31/01/2025
MaxA/B<= 2.2.2 Cross Site Request Forgery (CSRF)	3.55	7.1	20/02/2025
Insert Code<= 2.4 Cross Site Request Forgery (CSRF)	3.55	7.1	20/02/2025
Hashtags<= 0.3.2 Cross Site Request Forgery (CSRF)	3.55	7.1	20/02/2025
No Disposable Email<= 2.5.1 Cross Site Request Forgery (CSRF)	3.55	7.1	21/02/2025
Members page only for logged in users<= 1.4.2 Cross Site Request Forgery (CSRF)	3.55	7.1	24/02/2025
TabGarb Pro<= 2.6 Cross Site Request Forgery (CSRF)	3.55	7.1	24/02/2025
AS English Admin<= 1.0.0 Open Redirection	N/A	4.7	24/02/2025
Custom top bar<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	24/02/2025
List of Posts from each Category plugin for WordPress<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	24/02/2025
FTP Sync<= 1.1.6 Cross Site Request Forgery (CSRF)	3.55	7.1	24/02/2025
price-calc<= 0.6.3 Cross Site Request Forgery (CSRF)	3.55	7.1	24/02/2025
WP Compare Tables<= 1.0.5 Cross Site Request Forgery (CSRF)	3.55	7.1	25/02/2025
Google News Editors Picks Feed Generator<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	28/02/2025
Random Image Selector<= 2.4 Cross Site Scripting (XSS)	14.2	7.1	31/01/2025
无觅相关文章插件<= 1.0.5.7 Cross Site Request Forgery (CSRF)	3.55	7.1	18/02/2025
Add Linked Images To Gallery<= 1.4 Cross Site Request Forgery (CSRF)	3.55	7.1	29/01/2025
Tribulant Gallery Voting<= 1.2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	30/01/2025
Zigaform<= 7.4.2 Cross Site Scripting (XSS)	14.2	7.1	17/01/2025
Zigaform – Price Calculator & Cost Estimation Form Builder Lite<= 7.4.2 Cross Site Scripting (XSS)	14.2	7.1	17/01/2025
Fast Flow<= 1.2.16 Cross Site Scripting (XSS)	14.2	7.1	19/01/2025
Magic the Gathering Card Tooltips<= 3.5.0 Cross Site Scripting (XSS)	14.2	7.1	22/01/2025
Spotlight Social Media Feeds<= 1.7.1 Sensitive Data Exposure	31.8	5.3	19/01/2025
Content Snippet Manager<= 1.1.5 Cross Site Request Forgery (CSRF)	3.55	7.1	19/01/2025
what3words Address Field<= 4.0.15 Cross Site Request Forgery (CSRF)	3.55	7.1	15/01/2025
TinyMCE Advanced qTranslate fix editor problems<= 1.0.0 Cross Site Request Forgery (CSRF)	3.55	7.1	30/01/2025
Page/Post Specific Social Share Buttons<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	30/01/2025
Simple Documentation<= 1.2.8 Cross Site Request Forgery (CSRF)	3.55	7.1	30/01/2025
DX-auto-publish<= 1.2 Cross Site Request Forgery (CSRF)	3.55	7.1	30/01/2025
Wibiya Toolbar<= 2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	29/01/2025
Glance That<= 4.9 Cross Site Request Forgery (CSRF)	3.55	7.1	29/01/2025
Easy Amazon Product Information<= 4.0.1 Cross Site Request Forgery (CSRF)	3.55	7.1	29/01/2025
Naver Syndication V2<= 0.8.3 Cross Site Request Forgery (CSRF)	3.55	7.1	31/01/2025
Bootstrap collapse<= 1.0.4 Cross Site Request Forgery (CSRF)	3.55	7.1	31/01/2025
Global Meta Keyword & Description<= 2.3 Cross Site Request Forgery (CSRF)	3.55	7.1	31/01/2025
WP Html Page Sitemap<= 2.2 Cross Site Request Forgery (CSRF)	3.55	7.1	31/01/2025
My Login Logout Plugin<= 2.4 Cross Site Request Forgery (CSRF)	3.55	7.1	31/01/2025
Related Posts Line-up-Exactly by Milliard<= 0.0.22 Cross Site Request Forgery (CSRF)	3.55	7.1	31/01/2025
Simple Responsive Menu<= 2.1 Cross Site Request Forgery (CSRF)	3.55	7.1	31/01/2025
Listings for Appfolio<= 1.2.0 Cross Site Request Forgery (CSRF)	3.55	7.1	14/01/2025
Style Tweaker<= 0.11 Cross Site Request Forgery (CSRF)	3.55	7.1	25/01/2025
WP doodlez<= 1.0.10 Cross Site Scripting (XSS)	14.2	7.1	25/01/2025

Report vulnerabilities to earn bounties and rewards!

Include pending