Anhchangmutrang

787.06

XP

61

Reports

0

Reports, last 90 days

#17

3 Apr, 2026

🇻🇳

Lvl 3

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Consultstreet<= 3.0.0 Broken Access Control	4.3	4.3	07/06/2025
Ultimate Video Player<= 10.1 Broken Access Control	10.6	5.3	10/06/2025
Global Gallery<= 9.2.3 Broken Access Control	13	6.5	07/06/2025
MapSVG< 8.6.12 Arbitrary File Download	7.31	6.5	22/05/2025
Elite Video Player<= 10.0.5 Cross Site Scripting (XSS)	14.2	7.1	19/06/2025
FAQ Revolution - WordPress Plugin<= 1.5.0 Cross Site Scripting (XSS)	7.1	7.1	19/06/2025
Pinterest Automatic Pin< 4.19.0 SQL Injection	17	8.5	19/03/2025
Ultimate Video Player<= 10.1 Server Side Request Forgery (SSRF)	14.4	7.2	10/06/2025
Wordpress Auto Spinner<= 3.26.0 Cross Site Scripting (XSS)	14.2	7.1	19/03/2025
EventON<= 4.9.9 Broken Access Control	18.9	6.3	16/01/2025
Rankie<= 1.8.2 Cross Site Scripting (XSS)	14.2	7.1	18/03/2025
Simple Link Directory< 14.8.1 SQL Injection	17	8.5	27/02/2025
PowerPress Podcasting<= 11.13.11 Server Side Request Forgery (SSRF)	7.35	4.9	21/05/2025
Rankie< 1.8.2 SQL Injection	17	8.5	18/03/2025
WidgetKit Pro<= 1.13.1 Cross Site Scripting (XSS)	14.2	7.1	18/01/2025
MapSVG< 8.7.4 Arbitrary File Upload	22.28	9.9	07/03/2025
Elite Video Player<= 10.0.5 Cross Site Scripting (XSS)	14.2	7.1	24/04/2025
MapSVG< 8.6.13 Privilege Escalation	19.8	8.8	12/04/2025
Elite Video Player<= 10.0.5 Cross Site Request Forgery (CSRF)	2.7	5.4	24/04/2025
Crawlomatic Multisite Scraper Post Generator<= 2.6.8.2 Sensitive Data Exposure	10.6	5.3	13/05/2025
Crawlomatic Multisite Scraper Post Generator<= 2.6.8.2 Broken Access Control	4.3	4.3	13/05/2025
SUMO Affiliates Pro< 11.1.0 Arbitrary File Upload	60	10	15/03/2025
MapSVG< 8.6.13 Broken Access Control	15	7.5	17/02/2025
Ads Pro<= 4.89 Local File Inclusion	48.6	8.1	24/12/2024
AnyWhere Elementor Pro<= 2.29 Broken Access Control	N/A	4.3	29/03/2025
Salon Booking Pro<= 10.10.2 Broken Access Control	4.3	4.3	15/01/2025
Simple Link Directory< 14.8.1 Broken Access Control	10.6	5.3	27/02/2025
QuickCal - Appointment Booking Calendar for WordPress<= 1.0.15 Sensitive Data Exposure	4.3	4.3	19/03/2025
Eventer< 3.11.4 SQL Injection	37.2	9.3	13/01/2025
Eventer< 3.11.4 Broken Access Control	4.3	4.3	13/01/2025
Rankie< 1.8.2 Broken Access Control	4.3	4.3	19/03/2025
TNC FlipBook<= 12.1.0 Cross Site Scripting (XSS)	4.88	6.5	22/02/2025
Pinterest Automatic Pin<= 4.19.0 Broken Access Control	4.3	4.3	19/03/2025
Wordpress Auto Spinner<= 3.25.0 Broken Access Control	4.3	4.3	19/03/2025
MapSVG<= 8.5.31 Cross Site Scripting (XSS)	4.88	6.5	17/02/2025
MapSVG< 8.6.13 Broken Access Control	3.75	5	07/03/2025
MapSVG<= 8.5.34 Content Injection	10.6	5.3	14/04/2025
EventON<= 4.9.8 Broken Access Control	31.8	5.3	16/01/2025
Graphina<= 3.0.4 Broken Access Control	5.4	5.4	05/04/2025
Super Store Finder<= 7.2 SQL Injection	74.4	9.3	10/03/2025
Advanced Google Maps<= 5.8.4 Broken Access Control	4.3	4.3	04/03/2025
Mediavine Control Panel<= 2.10.6 Sensitive Data Exposure	12.19	5.3	20/01/2025
MapSVG<= 8.6.4 Arbitrary File Upload	22.28	9.9	07/03/2025
MapSVG<= 8.6.6 Cross Site Scripting (XSS)	4.88	6.5	07/03/2025
MapSVG<= 8.6.4 Broken Access Control	3.75	5	07/03/2025
StaffList<= 3.2.7 Sensitive Data Exposure	N/A	5.3	20/01/2025
StaffList<= 3.2.7 Broken Access Control	N/A	4.3	20/01/2025
TailPress<= 0.4.4 Sensitive Data Exposure	11.6	5.8	05/02/2025
Srbtranslatin<= 3.2.0 Sensitive Data Exposure	11.6	5.8	05/02/2025
WP-LESS<= 1.9.6 Sensitive Data Exposure	11.6	5.8	04/02/2025
Shopper<= 3.2.5 SQL Injection	37.2	9.3	14/02/2025
Slider Path for Elementor<= 3.0.0 Broken Access Control	4.3	4.3	21/02/2025
Our Team Members<= 2.2 Sensitive Data Exposure	4.3	4.3	22/02/2025
ARPrice<= 4.1.3 Cross Site Scripting (XSS)	5.61	6.5	12/02/2025
WOO Codice Fiscale<= 1.6.3 Cross Site Scripting (XSS)	14.2	7.1	08/02/2025
MyTicket Events<= 1.2.4 Arbitrary File Download	15.9	5.3	10/02/2025
Give – Divi Donation Modules<= 2.0.0 Sensitive Data Exposure	11.6	5.8	05/02/2025
Eventer< 3.9.9 Cross Site Scripting (XSS)	14.2	7.1	28/12/2024
Surfer<= 1.5.0.502 SQL Injection	N/A	7.6	10/08/2024
UiPress lite<= 3.4.06 SQL Injection	N/A	7.6	12/07/2024
Spiffy Calendar<= 4.9.11 SQL Injection	N/A	7.6	06/07/2024

Report vulnerabilities to earn bounties and rewards!

Include pending