Aiden

2,248.50

XP

85

Reports

0

Reports, last 90 days

#28

3 Apr, 2026

🇻🇳

Lvl 5

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
FormGent<= 1.5.7 Arbitrary File Deletion	51.6	8.6	05/12/2025
Case Addons< 1.3.0 Arbitrary File Upload	29.7	9.9	14/09/2025
JobSearch< 3.0.8 PHP Object Injection	45.08	9.8	03/09/2025
WooCommerce Vehicle Parts Finder<= 3.7 PHP Object Injection	117.6	9.8	26/08/2025
Scape<= 1.5.13 PHP Object Injection	39.2	9.8	08/08/2025
FAT Event - WordPress Event and Calendar Booking<= 5.15 Local File Inclusion	48.6	8.1	24/12/2024
Exertio Framework<= 1.3.3 SQL Injection	17	8.5	28/06/2025
Golo<= 1.7.0 Broken Authentication	58.8	9.8	07/05/2025
School Management<= 93.2.0 SQL Injection	17.48	7.6	18/05/2025
Exertio<= 1.3.2 PHP Object Injection	39.2	9.8	28/06/2025
MediCenter - Health Medical Clinic<= 15.1 PHP Object Injection	45.08	9.8	28/06/2025
Traveler< 3.2.2 SQL Injection	37.2	9.3	16/05/2025
WPGYM<= 65.0 SQL Injection	17	8.5	22/12/2024
Nuss<= 1.3.7.1 Broken Access Control	15	7.5	08/05/2025
Sala<= 1.1.3 Broken Access Control	11.25	7.5	08/05/2025
RealHomes<= 4.4.0 Privilege Escalation	117.6	9.8	10/05/2025
LMS<= 9.2 SQL Injection	37.2	9.3	13/05/2025
LogisticsHub<= 1.1.6 Arbitrary File Upload	60	10	25/04/2025
Red Art<= 3.8 PHP Object Injection	17.6	8.8	12/05/2025
Homey<= 2.4.7 SQL Injection	37.2	9.3	13/05/2025
LMS<= 9.2 Cross Site Scripting (XSS)	14.2	7.1	13/05/2025
WPCRM - CRM for Contact form CF7 & WooCommerce<= 3.2.0 Cross Site Scripting (XSS)	14.2	7.1	22/04/2025
Nuss<= 1.3.3 PHP Object Injection	17.6	8.8	08/05/2025
Sala<= 1.1.3 PHP Object Injection	13.2	8.8	08/05/2025
School Management<= 93.2.0 Privilege Escalation	30.36	8.8	18/05/2025
School Management<= 93.0.0 Local File Inclusion	45	7.5	10/03/2025
WPGYM<= 65.0 Local File Inclusion	22.5	7.5	10/03/2025
WPCRM - CRM for Contact form CF7 & WooCommerce<= 3.2.0 SQL Injection	37.2	9.3	22/04/2025
Slack Notifications by dorzki<= 2.0.7 Broken Access Control	4.3	4.3	27/04/2025
oik<= 4.15.1 Broken Access Control	5.3	5.3	27/04/2025
WPCHURCH<= 2.7.0 SQL Injection	37.2	9.3	16/04/2025
MaxiBlocks<= 2.1.0 Privilege Escalation	19.8	8.8	07/04/2025
WPCHURCH<= 2.7.0 Privilege Escalation	26.4	8.8	16/04/2025
Course Builder< 3.6.6 PHP Object Injection	39.2	9.8	10/05/2025
Bus Ticket Booking with Seat Reservation for WooCommerce<= 1.7 SQL Injection	37.2	9.3	19/12/2024
Hospital Management System<= 47.0(20-11-2023) Privilege Escalation	30.36	8.8	27/12/2024
JP Students Result Management System Premium1.1.7 Arbitrary File Upload	54	9	24/12/2024
School Management<= 92.0.0 SQL Injection	21.25	8.5	22/12/2024
WPCHURCH<= 2.7.0 Cross Site Scripting (XSS)	14.2	7.1	16/04/2025
Hospital Management System<= 47.0(20-11-2023) Arbitrary File Upload	34.16	9.9	27/12/2024
GDPR CCPA Compliance Support<= 2.7.3 Broken Access Control	4.3	4.3	30/04/2025
WPCHURCH<= 2.7.0 Local File Inclusion	48.6	8.1	17/04/2025
StoreKeeper for WooCommerce<= 14.4.4 Arbitrary File Upload	60	10	19/03/2025
Productive Commerce<= 1.1.40 SQL Injection	37.2	9.3	27/03/2025
Ultimate WP Mail<= 1.3.4 SQL Injection	12.75	8.5	07/04/2025
SEUR Oficial<= 2.2.23 Local File Inclusion	48.6	8.1	13/04/2025
Hospital Management System<= 47.0(20-11-2023) Arbitrary File Upload	60	10	14/12/2024
Hospital Management System<= 47.0(20-11-2023) Cross Site Scripting (XSS)	14.2	7.1	13/12/2024
Control Listings<= 1.0.4.1 Cross Site Scripting (XSS)	14.2	7.1	04/04/2025
Revy<= 2.1 SQL Injection	19.55	8.5	18/12/2024
FAT Services Booking<= 5.6 SQL Injection	19.55	8.5	18/12/2024
Hospital Management System<= 47.0(20-11-2023) SQL Injection	21.25	8.5	17/12/2024
WPAMS<= 44.0 (17-08-2023) Privilege Escalation	30.36	8.8	27/12/2024
WPAMS<= 44.0 Local File Inclusion	117.6	9.8	10/03/2025
WPAMS<= 44.0 (17-08-2023) SQL Injection	37.2	9.3	13/12/2024
WPAMS<= 44.0 (17-08-2023) Cross Site Scripting (XSS)	14.2	7.1	13/12/2024
WPAMS<= 44.0 (17-08-2023) SQL Injection	21.25	8.5	18/12/2024
Eazy Plugin Manager<= 4.3.0 Broken Access Control	8.8	8.8	01/12/2024
Accessibility Suite<= 4.18 SQL Injection	17	8.5	16/02/2025
Error Log Viewer<= 1.0.5 SQL Injection	17	8.5	06/03/2025
Review Stars Count For WooCommerce<= 2.0 SQL Injection	17	8.5	08/03/2025
Specia Companion<= 6.3 Broken Access Control	6.5	6.5	23/11/2024
TextMe SMS<= 1.9.1 Broken Access Control	6.5	6.5	30/11/2024
Piotnet Forms<= 1.0.30 Cross Site Scripting (XSS)	2.95	5.9	19/11/2024
Cue<= 2.4.4 Broken Access Control	4.3	4.3	22/11/2024
Advanced WooCommerce Product Sales Reporting<= 4.1.1 SQL Injection	37.2	9.3	11/02/2025
RSVPMarker <= 11.6.7 SQL Injection	37.2	9.3	11/02/2025
XV Random Quotes<= 2.0.0 SQL Injection	37.2	9.3	12/02/2025
Trust Payments Gateway for WooCommerce<= 1.1.4 SQL Injection	37.2	9.3	18/02/2025
Distance Rate Shipping for WooCommerce<= 1.3.4 SQL Injection	17	8.5	20/12/2024
CWD – Stealth Links<= 1.3 SQL Injection	37.2	9.3	22/12/2024
GDPR CCPA Compliance Support<= 2.7.1 Broken Access Control	3.23	4.3	23/11/2024
JSM Show Post Metadata<= 4.6.0 Broken Access Control	4.3	4.3	23/11/2024
WordPress Local SEO<= 2.3 SQL Injection	37.2	9.3	29/12/2024
Data Tables Generator by Supsystic<= 1.10.36 Broken Access Control	5.4	5.4	18/11/2024
WPSSO Core<= 18.18.1 Broken Access Control	4.3	4.3	22/11/2024
Mark New Posts<= 7.5.1 Broken Access Control	5.4	5.4	28/11/2024
Cryptocurrency Price Widget<= 1.2.3 Cross Site Scripting (XSS)	2.95	5.9	29/11/2024
Car Dealer<= 4.46 Broken Access Control	4.3	4.3	05/12/2024
SeedProd Pro< 6.18.13 SQL Injection	N/A	7.6	07/11/2024
WPBookit<= 1.6.0 SQL Injection	N/A	9.3	09/11/2024
Notibar<= 2.1.4 Broken Access Control	3.23	4.3	23/11/2024
Barcode Scanner with Inventory & Order Manager<= 1.6.6 Cross Site Scripting (XSS)	16.33	7.1	26/11/2024

Report vulnerabilities to earn bounties and rewards!

Include pending