Author: Ron Jost

Country:

Reported research: 21

Advisories

Risk	Topic & Details
Med.	WordPress Perfect Survey 1.5.1 SQL Injection (CVE assigned) Remote \| 2022-02-23
Med.	WordPress WP User Frontend 3.5.25 SQL Injection (CVE assigned) Remote \| 2022-02-22
Med.	WordPress Secure Copy Content Protection And Content Locking 2.8.1 SQL Injection (CVE assigned) Remote \| 2022-02-14
Med.	WordPress Download Monitor WordPress 4.4.4 SQL Injection (CVE assigned) Remote \| 2022-02-03
Med.	Wordpress Plugin 404 to 301 2.0.2 SQL-Injection (Authenticated) (CVE assigned) Remote \| 2022-02-02
Med.	WordPress Modern Events Calendar 6.1 SQL Injection (CVE assigned) Remote \| 2022-01-28
Med.	WordPress RegistrationMagic V 5.0.1.5 SQL Injection (CVE assigned) Remote \| 2022-01-27
Med.	WordPress Plugin WP Visitor Statistics 4.7 SQL Injection (CVE assigned) Remote \| 2022-01-18
High	WordPress Catch Themes Demo Import 1.6.1 Shell Upload (CVE assigned) Remote \| 2021-12-11
Med.	WordPress BulletProof Security 5.1 Information Disclosure (CVE assigned) Remote \| 2021-10-06
High	WordPress SP Project And Document Remote Code Execution Remote \| 2021-07-27
High	WordPress Modern Events Calendar Remote Code Execution Remote \| 2021-07-27
High	WordPress SP Project And Document Manager 4.21 Shell Upload (CVE assigned) Remote \| 2021-07-08
High	Wordpress Plugin XCloner 4.2.12 Remote Code Execution (Authenticated) (CVE assigned) Remote \| 2021-07-07
High	WordPress XCloner 4.2.12 Remote Code Execution (CVE assigned) Remote \| 2021-07-02
High	WordPress Modern Events Calendar 5.16.2 Shell Upload (CVE assigned) Remote \| 2021-07-02
Low	WordPress Modern Events Calendar 5.16.2 Information Disclosure (CVE assigned) Remote \| 2021-07-02
Med.	OpenEMR 5.0.1.7 fileName Path Traversal (Authenticated) (CVE assigned) Remote \| 2021-06-29
High	OpenEMR 5.0.1.3 Shell Upload (CVE assigned) Remote \| 2021-06-14
High	Trixbox 2.8.0.4 Remote Code Execution (CVE assigned) Remote \| 2021-05-30
Med.	Trixbox 2.8.0.4 Path Traversal (CVE assigned) Remote \| 2021-05-30

Author: Ron Jost

Country:

Reported research: 21

Advisories

Med.

WordPress Perfect Survey 1.5.1 SQL Injection (CVE assigned)

Remote | 2022-02-23

Med.

WordPress WP User Frontend 3.5.25 SQL Injection (CVE assigned)

Remote | 2022-02-22

Med.

WordPress Secure Copy Content Protection And Content Locking 2.8.1 SQL Injection (CVE assigned)

Remote | 2022-02-14

Med.

WordPress Download Monitor WordPress 4.4.4 SQL Injection (CVE assigned)

Remote | 2022-02-03

Med.

Wordpress Plugin 404 to 301 2.0.2 SQL-Injection (Authenticated) (CVE assigned)

Remote | 2022-02-02

Med.

WordPress Modern Events Calendar 6.1 SQL Injection (CVE assigned)

Remote | 2022-01-28

Med.

WordPress RegistrationMagic V 5.0.1.5 SQL Injection (CVE assigned)

Remote | 2022-01-27

Med.

WordPress Plugin WP Visitor Statistics 4.7 SQL Injection (CVE assigned)

Remote | 2022-01-18

High

WordPress Catch Themes Demo Import 1.6.1 Shell Upload (CVE assigned)

Remote | 2021-12-11

Med.

WordPress BulletProof Security 5.1 Information Disclosure (CVE assigned)

Remote | 2021-10-06

High

WordPress SP Project And Document Remote Code Execution

Remote | 2021-07-27

High

WordPress Modern Events Calendar Remote Code Execution

Remote | 2021-07-27

High

WordPress SP Project And Document Manager 4.21 Shell Upload (CVE assigned)

Remote | 2021-07-08

High

Wordpress Plugin XCloner 4.2.12 Remote Code Execution (Authenticated) (CVE assigned)

Remote | 2021-07-07

High

WordPress XCloner 4.2.12 Remote Code Execution (CVE assigned)

Remote | 2021-07-02

High

WordPress Modern Events Calendar 5.16.2 Shell Upload (CVE assigned)

Remote | 2021-07-02

Low

WordPress Modern Events Calendar 5.16.2 Information Disclosure (CVE assigned)

Remote | 2021-07-02

Med.

OpenEMR 5.0.1.7 fileName Path Traversal (Authenticated) (CVE assigned)

Remote | 2021-06-29

High

OpenEMR 5.0.1.3 Shell Upload (CVE assigned)

Remote | 2021-06-14

High

Trixbox 2.8.0.4 Remote Code Execution (CVE assigned)

Remote | 2021-05-30

Med.

Trixbox 2.8.0.4 Path Traversal (CVE assigned)

Remote | 2021-05-30

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)