Shreya Pohekar


Shreya Pohekar is a Security Researcher and Developer. She leads Null Bhopal and Infosecgirls bhopal chapter. She’s an active speaker in various infosec communities like Null, OWASP, Infosecgirls. She writes technical blogs at shreyapohekar.com. She has experience working in mobile and web dev, web security and linux administration. She is RHCSA Certified and holds pro-hacker badge on hackthebox.


Count of Items per Category

CategoryCount
Cross Site Scripting ( Xss)4
Injection19
Local File Inclusion1
Ssrf1

Disclosures


Status Component Name Vulnerability Version Disclosure Date CVE-Number
wp-plugin : unlimited-popups Injection 4.5.3 2021/10/07 CVE-2021-24631
wp-plugin : schreikasten Injection 0.14.18 2021/10/07 CVE-2021-24630
wp-plugin : post-content-xmlrpc Injection 1 2021/10/07 CVE-2021-24629
wp-plugin : mwp-forms Injection 3.1.3 2021/10/07 CVE-2021-24628
wp-plugin : g-auto-hyperlink Injection 1.0.1 2021/10/07 CVE-2021-24627
wp-plugin : chameleon-css Injection 1.2 2021/10/07 CVE-2021-24626
wp-plugin : catalog Injection 1.7.3 2021/10/07 CVE-2021-24625
wp-plugin : wp-paytm-pay Injection 1.3.2 2021/07/23 CVE-2021-24554
wp-plugin : timeline-calendar Injection 1.2 2021/07/23 CVE-2021-24553
wp-plugin : simple-events-calendar Injection 1.4.0 2021/07/23 CVE-2021-24552
wp-plugin : project-status Cross Site Scripting ( Xss) 1.6 2021/07/23 CVE-2021-24558
wp-plugin : m-vslider Injection 2.1.3 2021/07/23 CVE-2021-24557
wp-plugin : email-subscriber Cross Site Scripting ( Xss) 1.1 2021/07/23 CVE-2021-24556
wp-plugin : edit-comments Injection 0.3 2021/07/23 CVE-2021-24551
wp-plugin : diary-availability-calendar Injection 1.0.3 2021/07/23 CVE-2021-24555
wp-plugin : broken-link-manager Injection 0.6.5 2021/07/23 CVE-2021-24550
wp-plugin : aceide Local File Inclusion 2.6.2 2021/07/23 CVE-2021-24549
wp-plugin : rsvpmaker Ssrf 8.6.4 2021/06/29 CVE-2021-24371
wp-plugin : handsome-testimonials Injection 2.0.7 2021/06/29 CVE-2021-24492
wp-plugin : stock-in Cross Site Scripting ( Xss) 1.0.4 2021/05/27 CVE-2021-24346
wp-plugin : side-menu Injection 3.1.3 2021/05/27 CVE-2021-24348
wp-plugin : sendit Injection 2.5.1 2021/05/27 CVE-2021-24345
wp-plugin : flightlog Injection 3.0.2 2021/05/19 CVE-2021-24336
wp-plugin : giveasap Cross Site Scripting ( Xss) 2.35.0 2021/05/09 CVE-2021-24298
wp-plugin : cars-seller-auto-classifieds-script Injection 2.1.0 2021/04/26 CVE-2021-24285