Emili Castells

294.28

XP

41

Reports

0

Reports, last 90 days

#8

3 Apr, 2026

🇪🇸

Lvl 1

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Event post<= 5.9.5 Local File Inclusion	45	7.5	29/02/2024
Product Designer<= 1.0.33 Arbitrary Content Deletion	15	7.5	11/02/2024
Annual Archive<= 1.6.0 Cross Site Scripting (XSS)	N/A	5.9	02/01/2024
Booking Ultra Pro<= 1.1.12 Privilege Escalation	9.9	8.8	25/02/2024
Sirv<= 7.2.2 Privilege Escalation	15.18	8.8	28/02/2024
Email Customizer for WooCommerce<= 2.6.0 Sensitive Data Exposure	15	7.5	04/01/2024
Frontend Dashboard<= 2.2.2 Sensitive Data Exposure	N/A	7.5	11/02/2024
Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy<= 2.1.1 Arbitrary Content Deletion	15	7.5	09/02/2024
MyRewards<= 5.3.0 Broken Access Control	6.5	6.5	11/01/2024
Login with phone number<= 1.7.16 Privilege Escalation	15.18	8.8	29/02/2024
5 Stars Rating Funnel<= 1.2.67 Arbitrary Content Deletion	17.25	7.5	09/02/2024
Contest Gallery<= 21.3.4 SQL Injection	11	8.5	08/02/2024
WholesaleX<= 1.3.1 Broken Access Control	6.5	6.5	24/02/2024
WholesaleX<= 1.3.1 Sensitive Data Exposure	6.5	6.5	24/02/2024
Rolo Slider<= 1.0.9 Settings Change	7.7	7.7	14/02/2024
WooCommerce Coupon Popup, SmartBar, Slide In \| MyShopKit<= 1.0.9 Sensitive Data Exposure	10.6	5.3	17/02/2024
Team Members Showcase<= 1.3.4 Cross Site Scripting (XSS)	N/A	5.9	15/05/2023
WooCommerce Product Enquiry<= 2.6.0 Cross Site Scripting (XSS)	14.2	7.1	15/05/2023
Live Gold Price & Silver Price Charts Widgets<= 2.4 Cross Site Scripting (XSS)	N/A	5.9	16/05/2023
Product Visibility by Country for WooCommerce<= 1.4.9 Cross Site Scripting (XSS)	N/A	5.9	17/05/2023
Lava Directory Manager<= 1.1.34 Cross Site Scripting (XSS)	4.88	6.5	17/05/2023
Extra Product Options for WooCommerce<= 4.1 Cross Site Scripting (XSS)	1.48	5.9	22/05/2023
Direct Checkout – Quick View – Buy Now For WooCommerce<= 1.5.8 Cross Site Scripting (XSS)	1.48	5.9	22/05/2023
TWB Woocommerce Reviews<= 1.7.5 Cross Site Scripting (XSS)	N/A	5.9	24/05/2023
Recently viewed and most viewed products<= 1.1.1 Cross Site Scripting (XSS)	1.48	5.9	30/05/2023
IdeaPush<= 8.52 Cross Site Scripting (XSS)	N/A	5.9	24/05/2023
Simple User Listing<= 1.9.2 Cross Site Scripting (XSS)	14.2	7.1	05/05/2023
Eonet Manual User Approve<= 2.1.3 Cross Site Scripting (XSS)	N/A	5.9	11/05/2023
Lava Directory Manager<= 1.1.34 Cross Site Scripting (XSS)	14.2	7.1	17/05/2023
Contact Form Generator<= 2.7.1 SQL Injection	9.56	8.5	19/06/2023
Order auto complete for WooCommerce<= 1.2.0 Cross Site Scripting (XSS)	N/A	5.9	24/05/2023
Export Import Menus<= 1.8.0 Arbitrary File Upload	14.85	9.9	05/06/2023
Easy Newsletter Signups<= 1.0.4 Broken Access Control	N/A	6.5	31/05/2023
Quasar form<= 6.0 SQL Injection	9.56	8.5	19/06/2023
Zippy<= 1.6.2 Broken Access Control	10.6	5.3	06/06/2023
GDPR Cookie Consent Notice Box<= 1.1.6 Cross Site Scripting (XSS)	N/A	5.9	05/05/2023
Quick/Bulk Order Form for WooCommerce<= 3.5.7 Cross Site Scripting (XSS)	1.48	5.9	11/05/2023
Novelist<= 1.2.0 Cross Site Scripting (XSS)	N/A	5.9	15/05/2023
WooDiscuz – WooCommerce Comments<= 2.2.9 Cross Site Scripting (XSS)	N/A	5.9	16/05/2023
WishSuite<= 1.3.4 Cross Site Scripting (XSS)	N/A	5.9	07/05/2023
Product page shipping calculator for WooCommerce<= 1.3.25 Cross Site Scripting (XSS)	N/A	5.9	10/05/2023

Report vulnerabilities to earn bounties and rewards!

Include pending