Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

fahadmahmood — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting fahadmahmood. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Fahadmahmood develops security research tools and penetration testing utilities, focusing on identifying vulnerabilities in web applications and network systems. Historically, their contributions center around remote code execution, cross-site scripting, and privilege escalation flaws, particularly in popular open-source platforms. While no major public security incidents directly linked to their work have been widely documented, their CVE history demonstrates consistent findings in authentication bypasses and input validation weaknesses across multiple frameworks. Their research often highlights critical flaws in widely used systems, contributing significantly to the security community's understanding of common attack vectors in enterprise environments.

Top products by fahadmahmood: Keep Backup Daily WP Datepicker WP Docs RSS Feed Widget Export Customers Data WP Responsive Tabs Easy Upload Files During Checkout Order Splitter for WooCommerce Injection Guard
CVE IDTitleCVSSSeverityPublished
CVE-2026-3878 WP Docs <= 2.2.9 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'wpdocs_options[icon_size]' — WP DocsCWE-79 6.4 Medium2026-04-16
CVE-2026-3368 Injection Guard <= 1.2.9 - Unauthenticated Stored Cross-Site Scripting via Query Parameter Name — Injection GuardCWE-79 7.2 High2026-03-20
CVE-2026-3577 Keep Backup Daily <= 2.1.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Backup Title — Keep Backup DailyCWE-79 4.4 Medium2026-03-20
CVE-2026-3339 Keep Backup Daily <= 2.1.1 - Authenticated (Admin+) Limited Path Traversal via 'kbd_path' Parameter — Keep Backup DailyCWE-22 2.7 Low2026-03-20
CVE-2025-12075 Order Splitter for WooCommerce <= 5.3.5 - Missing Authorization to Authenticated (Subscriber+) Order Information Exposure — Order Splitter for WooCommerceCWE-862 4.3 Medium2026-02-18
CVE-2025-12682 Easy Upload Files During Checkout <= 2.9.8 - Unauthenticated Arbitrary JavaScript File Upload — Easy Upload Files During CheckoutCWE-434 9.8 Critical2025-11-04
CVE-2024-13387 WP Responsive Tabs <= 1.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP Responsive TabsCWE-79 6.4 Medium2025-01-16
CVE-2024-12468 WP Datepicker <= 2.1.4 - Reflected Cross-Site Scripting — WP DatepickerCWE-79 6.1 Medium2024-12-24
CVE-2024-12405 Export Customers Data <= 1.2.3 - Reflected Cross-Site Scripting — Export Customers DataCWE-79 6.1 Medium2024-12-24
CVE-2024-12635 WP Docs <= 2.2.0 - Authenticated (Subscriber+) Time-Based SQL Injection via 'dir_id' — WP DocsCWE-89 6.5 Medium2024-12-21
CVE-2024-10057 RSS Feed Widget <= 2.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via rfw-youtube-videos Shortcode — RSS Feed WidgetCWE-79 6.4 Medium2024-10-18
CVE-2024-3895 WP Datepicker <= 2.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update — WP DatepickerCWE-862 8.8 High2024-05-02
CVE-2022-1820 Keep Backup Daily <= 2.0.2 - Reflected Cross-Site Scripting — Keep Backup DailyCWE-79 6.1 Medium2022-06-13

This page lists every published CVE security advisory associated with fahadmahmood. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.