Dave Jong (Patchstack)

0.00

XP

0

Reports

0

Reports, last 90 days

-

3 Apr, 2026

🇳🇱

Lvl 0

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Modular DS2.5.2 Privilege Escalation	N/A	10	16/01/2026
eForm - WordPress Form Builder< 4.19.1 Cross Site Scripting (XSS)	14.2	7.1	24/04/2025
wProject< 5.8.0 Privilege Escalation	N/A	8.8	19/05/2024
wProject< 5.8.0 Settings Change	N/A	8.2	19/05/2024
wProject< 5.8.0 Cross Site Scripting (XSS)	N/A	7.1	19/05/2024
Seraphinite Accelerator<= 2.22.15 Sensitive Data Exposure	8.6	4.3	29/06/2024
Seraphinite Accelerator (Full, premium)<= 2.21.13 Sensitive Data Exposure	N/A	4.3	29/06/2024
WP SuperBackup<= 2.3.3 Broken Access Control	7.4	7.4	18/05/2024
WP SuperBackup<= 2.3.3 Cross Site Scripting (XSS)	14.2	7.1	18/05/2024
WP SuperBackup<= 2.3.3 PHP Object Injection	15	7.5	18/05/2024
WP SuperBackup<= 2.3.3 Arbitrary File Download	22.5	7.5	18/05/2024
WP SuperBackup<= 2.3.3 Arbitrary File Upload	60	10	18/05/2024
FAT Services Booking<= 5.6 SQL Injection	N/A	9.3	04/05/2024
FAT Services Booking<= 5.6 Cross Site Scripting (XSS)	N/A	7.1	04/05/2024
AIO Contact<= 2.8.1 Cross Site Scripting (XSS)	N/A	7.1	27/04/2024
AIO Contact<= 2.8.1 Settings Change	N/A	6.5	27/04/2024
ARForms<= 6.4.1 Settings Change	5.4	5.4	25/02/2024
ARForms<= 6.4.1 Path Traversal	7.7	7.7	25/02/2024
Revy<= 1.18 SQL Injection	N/A	9.3	18/02/2024
Revy<= 1.18 Arbitrary File Upload	N/A	10	18/02/2024
Droip< 2.5.2 Arbitrary File Deletion	N/A	10	19/05/2024
Droip< 2.5.2 Settings Change	N/A	6.3	19/05/2024
Brickscore<= 1.4.2.5 Cross Site Scripting (XSS)	N/A	7.1	20/04/2024
WP Armour Extended<= 1.26 Cross Site Scripting (XSS)	N/A	7.1	28/04/2024
WP Armour Extended<= 1.26 Cross Site Request Forgery (CSRF)	N/A	5.4	28/04/2024
Greenshift Woocommerce Addon< 1.9.8 SQL Injection	N/A	8.5	08/02/2024
Greenshift Query and Meta Addon< 3.9.2 SQL Injection	N/A	8.5	08/02/2024
Propovoice Pro<= 1.7.0.3 SQL Injection	N/A	9.3	15/03/2024
Z Y N I T H<= 7.4.9 Settings Change	26	6.5	23/02/2024
Z Y N I T H<= 7.4.9 Settings Change	26	6.5	23/02/2024
WBW Product Table PRO<= 1.9.4 SQL Injection	N/A	10	09/02/2024
Leopard - WordPress offload media<= 2.0.36 Sensitive Data Exposure	6.5	6.5	17/02/2024
Leopard - WordPress offload media<= 2.0.36 Settings Change	7.1	7.1	17/02/2024
Bit Form Pro<= 2.6.4 Sensitive Data Exposure	N/A	6.5	11/02/2024
Bit Form Pro<= 2.6.4 Settings Change	N/A	7.1	11/02/2024
Bit Form Pro<= 2.6.4 Arbitrary File Upload	N/A	9.9	11/02/2024
Bit Form Pro<= 2.6.4 Arbitrary File Deletion	N/A	8.6	11/02/2024
WHMpress<= 6.2-revision-5 Settings Change	8.8	8.8	28/01/2024
WHMpress<= 6.2-revision-5 Cross Site Scripting (XSS)	14.2	7.1	28/01/2024
JobSearch<= 2.3.4 Privilege Escalation	N/A	9.8	14/01/2024
BerqWP<= 1.7.6 Arbitrary File Upload	N/A	10	11/05/2024
Docket (WooCommerce Collections / Wishlist / Watchlist)< 1.7.0 SQL Injection	N/A	9.3	14/07/2024
Docket (WooCommerce Collections / Wishlist / Watchlist)< 1.7.0 Arbitrary Content Deletion	N/A	7.5	14/07/2024
Tin Canny Reporting for LearnDash<= 4.3.0.7 Cross Site Scripting (XSS)	N/A	7.1	05/12/2023
WooCommerce PDF Vouchers< 4.9.5 Cross Site Scripting (XSS)	14.2	7.1	14/07/2024
WooCommerce PDF Vouchers< 4.9.5 Arbitrary File Deletion	25.8	8.6	14/07/2024
WooCommerce PDF Vouchers< 4.9.5 Multiple Vulnerabilities	14.6	7.3	14/07/2024
Backup and Staging by WP Time Capsule<= 1.22.20 Privilege Escalation	29.4	9.8	02/07/2024
Uncanny Automator Pro<= 5.3 Cross Site Scripting (XSS)	N/A	7.1	23/11/2023
BerqWP<= 1.7.5 Server Side Request Forgery (SSRF)	N/A	7.2	11/05/2024
Seraphinite Accelerator (Full, premium)<= 2.21.13 Cross Site Request Forgery (CSRF)	N/A	7.4	29/06/2024
Woocommerce OpenPos<= 7.0.1 Broken Access Control	15	7.5	04/02/2024
Woocommerce OpenPos<= 6.4.4 SQL Injection	27.9	9.3	04/02/2024
Woocommerce OpenPos<= 6.4.4 Arbitrary File Deletion	25.8	8.6	04/02/2024
User Activity Log Pro<= 2.3.4 Broken Access Control	N/A	6.3	14/01/2024
Jobmonster< 4.7.5 Arbitrary File Deletion	N/A	8.6	13/01/2024
Jobmonster<= 4.7.5 Privilege Escalation	N/A	9.8	13/01/2024
BuddyBoss Theme<= 2.4.61 Cross Site Request Forgery (CSRF)	N/A	5.4	22/11/2023
BookYourTravel<= 8.18.17 Privilege Escalation	13.2	8.8	20/03/2024
JetThemeCore< 2.2.1 Arbitrary File Deletion	N/A	7.7	21/02/2024
Uncanny Toolkit Pro for LearnDash< 4.1.4.1 Other Vulnerability Type	N/A	5.4	24/11/2023
Uncanny Toolkit Pro for LearnDash< 4.1.4.1 Cross Site Request Forgery (CSRF)	N/A	5.4	24/11/2023
Uncanny Toolkit Pro for LearnDash< 4.1.4.1 Cross Site Scripting (XSS)	N/A	7.1	24/11/2023
Uncanny Automator Pro< 5.3.0.1 Cross Site Request Forgery (CSRF)	N/A	5.4	23/11/2023
Uncanny Automator Pro< 5.3.0.1 Settings Change	N/A	5.3	23/11/2023
Hercules Core <= 6.5 Settings Change	N/A	8.8	18/02/2024
WishList Member X< 3.26.7 Sensitive Data Exposure	N/A	9.8	10/02/2024
WishList Member X< 3.26.7 SQL Injection	N/A	10	10/02/2024
WishList Member X< 3.26.7 Denial of Service Attack	N/A	7.5	10/02/2024
WishList Member X< 3.26.7 Sensitive Data Exposure	N/A	7.5	10/02/2024
WishList Member X< 3.26.7 Arbitrary Code Execution	N/A	9.9	10/02/2024
WishList Member X< 3.26.7 Arbitrary File Deletion	N/A	7.7	10/02/2024
WishList Member X< 3.26.7 Privilege Escalation	N/A	8.8	10/02/2024
WishList Member X< 3.26.7 Settings Change	N/A	8.2	10/02/2024
WooCommerce Dropshipping<= 5.1.2 Content Spoofing	10.6	5.3	19/01/2024
WP Visitors Tracker<= 2.3 Cross Site Scripting (XSS)	N/A	7.1	19/05/2024
Widget Options - Extended<= 5.1.0 Sensitive Data Exposure	N/A	6.5	28/02/2024
Widget Options - Extended<= 5.1.0 Sensitive Data Exposure	N/A	4.3	28/02/2024
Widget Options<= 4.0.1 Sensitive Data Exposure	17.2	4.3	28/02/2024
Widget Options<= 4.0.1 Sensitive Data Exposure	26	6.5	28/02/2024
Otter Blocks PRO<= 2.6.11 Sensitive Data Exposure	N/A	4.3	28/04/2024
Checkout Field Editor for WooCommerce (Pro)<= 3.6.2 Arbitrary File Deletion	N/A	8.6	02/05/2024
WooCommerce AWeber Newsletter Subscription<= 4.0.2 Settings Change	N/A	6.5	01/12/2023
Piotnet Addons For Elementor Pro<= 7.1.17 Arbitrary Content Deletion	N/A	7.5	22/11/2023
Piotnet Addons For Elementor Pro<= 7.1.17 Server Side Request Forgery (SSRF)	N/A	5.4	22/11/2023
Piotnet Addons For Elementor Pro<= 7.1.17 Cross Site Scripting (XSS)	N/A	7.1	22/11/2023
Piotnet Addons For Elementor Pro<= 7.1.17 Cross Site Request Forgery (CSRF)	N/A	5.4	22/11/2023
Piotnet Addons For Elementor Pro<= 7.1.17 Cross Site Scripting (XSS)	N/A	6.5	22/11/2023
XforWooCommerce<= 2.0.2 Local File Inclusion	N/A	8.8	23/12/2023
Max Addons Pro for Bricks<= 1.6.1 Cross Site Scripting (XSS)	N/A	7.1	05/03/2024
Max Addons Pro for Bricks<= 1.6.1 Settings Change	N/A	6.5	05/03/2024
ARForms<= 6.4 SQL Injection	12.75	8.5	25/02/2024
ARForms<= 6.4 Settings Change	7.1	7.1	25/02/2024
ARForms<= 6.4 Settings Change	7.1	7.1	25/02/2024
ARForms<= 6.4 Arbitrary File Deletion	11.55	7.7	25/02/2024
ARForms<= 6.4 Cross Site Scripting (XSS)	14.2	7.1	25/02/2024
LoginPress Pro< 3.0.0 Settings Change	N/A	6.5	25/11/2023
LoginPress Pro< 3.0.0 Bypass Vulnerability	N/A	5.3	25/11/2023
Z Y N I T H<= 7.4.9 Cross Site Scripting (XSS)	34.4	8.6	23/02/2024
Superfly Menu<= 5.0.25 Cross Site Scripting (XSS)	N/A	7.1	14/01/2024

Report vulnerabilities to earn bounties and rewards!

Include pending