Pham Van Tam

58.85

XP

30

Reports

0

Reports, last 90 days

#16

3 Apr, 2026

🇻🇳

Lvl 0

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
WPBookit<= 1.0.7 Broken Access Control	N/A	5.3	22/01/2025
Bookingor<= 2.0.1 Broken Access Control	N/A	4.3	21/01/2025
Booking Calendar and Notification<= 4.0.3 Broken Authentication	19.5	6.5	17/01/2025
Booking Calendar and Notification<= 4.0.3 SQL Injection	37.2	9.3	03/01/2025
WebinarPress<= 1.33.28 Cross Site Scripting (XSS)	N/A	5.9	24/01/2025
WP Modal Popup with Cookie Integration<= 2.4 Cross Site Scripting (XSS)	N/A	5.9	09/01/2025
Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme<= 1.1 Cross Site Scripting (XSS)	N/A	5.9	21/12/2024
Welcome Popup<= 1.0.10 Cross Site Scripting (XSS)	N/A	5.9	24/12/2024
Exit Popup Free<= 1.0 Cross Site Scripting (XSS)	N/A	5.9	10/01/2025
Ethiopian Calendar<= 1.1.1 Cross Site Scripting (XSS)	N/A	6.5	11/01/2025
Elfsight Testimonials Slider<= 1.0.1 Cross Site Request Forgery (CSRF)	N/A	5.4	12/01/2025
Elfsight Testimonials Slider<= 1.0.1 Cross Site Scripting (XSS)	N/A	5.9	12/01/2025
Elfsight Testimonials Slider<= 1.0.1 Broken Access Control	N/A	5.4	14/01/2025
Multi Days Events and Multi Events in One Day Calendar<= 1.1.3 Cross Site Request Forgery (CSRF)	N/A	4.3	22/01/2025
FM Notification Bar<= 1.0.4 Cross Site Scripting (XSS)	N/A	5.9	08/12/2024
Songkick Concerts and Festivals<= 0.9.7 Cross Site Request Forgery (CSRF)	2.15	4.3	22/01/2025
Event Kikfyre<= 2.1.8 Broken Access Control	N/A	5.4	15/01/2025
Easy WP Tiles<= 1 Cross Site Scripting (XSS)	N/A	5.9	09/01/2025
Alert Box Block – Display notice/alerts in the front end<= 1.1.0 Cross Site Scripting (XSS)	N/A	6.5	10/01/2025
Content Cloner<= 1.0.1 Broken Access Control	N/A	4.3	14/01/2025
Orbisius Simple Notice<= 1.1.3 Cross Site Scripting (XSS)	N/A	5.9	06/12/2024
Toocheke Companion<= 1.166 Cross Site Scripting (XSS)	N/A	5.9	11/01/2025
AnyRoad<= 1.3.2 Cross Site Request Forgery (CSRF)	N/A	4.3	14/01/2025
Bonjour Bar<= 1.0.0 Cross Site Scripting (XSS)	N/A	5.9	04/12/2024
Post-to-Post Links<= 4.2 Cross Site Scripting (XSS)	N/A	5.9	14/12/2024
Posts Footer Manager<= 2.1.0 Cross Site Scripting (XSS)	N/A	5.9	03/12/2024
WP Cookie<= 1.0.0 Cross Site Scripting (XSS)	N/A	5.9	16/12/2024
WP Header Notification<= 1.2.7 Cross Site Scripting (XSS)	N/A	5.9	16/12/2024
Ultimate Learning Pro<= 3.9 SQL Injection	N/A	7.6	25/11/2024
Highlight<= 2.0.2 Cross Site Scripting (XSS)	N/A	5.9	06/12/2024

Report vulnerabilities to earn bounties and rewards!

Include pending