The Beginning

I started my journey in CVE hunting in late 2022. My friend Rafshanzani Suhada introduced me to how to report a WordPress plugin vulnerability to WPScan. And then, CVE-2022-3074 became my first-ever CVE.

After my first CVE was published, I conducted some research on open-source projects on GitHub and discovered a Host Header Injection vulnerability in Feehi CMS, which was assigned CVE-2022-38796.

Massive Hunt at 2023

In 2023, I conducted a massive hunt on WordPress plugins, creating a bot to detect vulnerabilities in them, and then reported the issues through Patchstack. During that year, I obtained more than 100 CVEs.

This is some CVE i found in 2023.

WordPress Plugins

CVE ID Title
CVE-2022-3074 Slider Hero < 8.4.4 - Admin+ Stored Cross-Site Scripting
CVE-2023-22714 Coming Soon by Supsystic <= 1.7.10 Cross Site Request Forgery
CVE-2023-23718 Page Loading Effects <= 2.0.0 - Admin+ Stored Cross-Site Scripting
CVE-2023-23864 Very Simple Google Maps <= 2.8.4 Contributor+ Cross-Site Scripting
CVE-2023-23728 WP Flipclock <= 1.7.4 - Contributor+ Cross-Site Scripting
CVE-2023-23989 RegistrationMagic <= - Unauthenticated HTML Injection
CVE-2023-23722 WP eBay Product Feeds <= 3.3.1 - Admin+ Stored Cross-Site Scripting
CVE-2023-23895 WP Time Slots Booking Form <= 1.1.82 - Broken Access Control
CVE-2023-23976 RegistrationMagic <= - Improper Authorization to Price Change
CVE-2023-23979 Quick Event Manager <= 9.7.4 - Unauthenticated Stored Cross Site Scripting
CVE-2023-24379 WordPress Landing Page Builder <= Editor+ Local File Inclusion


More published CVE at my Wordfence profile.

Other Open Source Project

CVE ID Title
CVE-2022-38796 Feehi CMS 2.1.1 Host Header Injection
CVE-2022-46074 Helmet Store Showroom v1.0 Login Page SQL Injection
CVE-2022-46443 Bang Resto v1.0 Authenticated SQL Injection
CVE-2023-24320 Axcora POS #0~gitf77ec09 Broken Authentication

And many more.

Whats Next?

Well, this year, I decided to prioritize quality over quantity. I am focusing on hunting CVEs in popular projects or searching specifically for critical or high-severity vulnerabilities only.