RandomRobbieBF
The UK guy working at BishopFox who seems to have far too many WordPress exploits
Bishopfox | UK, Liverpool
Pinned Repositories
CVE-2023-2982
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.4 - Authentication Bypass
CVE-2023-32243
CVE-2023-32243 - Essential Addons for Elementor 5.4.0-5.7.1 - Unauthenticated Privilege Escalation
CVE-2023-7028
CVE-2023-7028
grafana-ssrf
Authenticated SSRF in Grafana
marshalsec-jar
marshalsec-0.0.3-SNAPSHOT-all compiled on X64
nuclei-drupal-sa
Nuclei templates for drupal vulns... far from perfect
phpunit-brute
Tool to try multiple paths for PHPUnit RCE CVE-2017-9841
service-now
Service-Now Article Bruteforcer
wordpress-plugin-list
WordPress Plugins List for Bruteforcing.
wp-file-manager
wp-file-manager RCE
RandomRobbieBF's Repositories
RandomRobbieBF/CVE-2024-2387
Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms <= 1.82.0 - SQL Injection to Reflected Cross-Site Scripting via integration_id
RandomRobbieBF/CVE-2024-13800
Popup Plugin For WordPress - ConvertPlus <= 3.5.30 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
RandomRobbieBF/CVE-2025-22954
Koha CVE-2025-22954: SQL Injection in lateissues-export.pl
RandomRobbieBF/CVE-2025-5701
HyperComments <= 1.2.2 - Unauthenticated (Subscriber+) Arbitrary Options Update
RandomRobbieBF/CVE-2023-32590
Subscribe to Category <= 2.7.4 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-10571
Chartify – WordPress Chart Plugin <= 2.9.5 - Unauthenticated Local File Inclusion via source
RandomRobbieBF/CVE-2024-11396
Event monster <= 1.4.3 - Information Exposure Via Visitors List Export
RandomRobbieBF/CVE-2024-11848
NitroPack <= 1.17.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
RandomRobbieBF/CVE-2024-12877
GiveWP – Donation Plugin and Fundraising Platform <= 3.19.2 - Unauthenticated PHP Object Injection
RandomRobbieBF/CVE-2024-13184
The Ultimate WordPress Toolkit – WP Extended <= 3.0.12 - Unauthenticated SQL Injection via Login Attempts Module
RandomRobbieBF/CVE-2024-13478
LTL Freight Quotes – TForce Edition <= 3.6.4 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-13479
LTL Freight Quotes – SEFL Edition <= 3.2.4 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-13481
LTL Freight Quotes – R+L Carriers Edition <= 3.3.4 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-13483
LTL Freight Quotes – SAIA Edition <= 2.2.10 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-13485
LTL Freight Quotes – ABF Freight Edition <= 3.3.7 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-13488
LTL Freight Quotes – Estes Edition <= 3.3.7 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-13489
LTL Freight Quotes – Old Dominion Edition <= 4.2.10 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-3605
WP Hotel Booking <= 2.1.0 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-50491
RSVP ME <= 1.9.9 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2024-54239
Eyewear prescription form <= 4.0.18 - Missing Authorization to Unauthenticated Arbitrary Options Update
RandomRobbieBF/CVE-2024-56058
VRPConnector <= 2.0.1 - Unauthenticated PHP Object Injection
RandomRobbieBF/CVE-2024-56059
Partners <= 0.2.0 - Unauthenticated PHP Object Injection
RandomRobbieBF/CVE-2025-22785
Course Booking System <= 6.0.5 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2025-25163
Plugin A/B Image Optimizer <= 3.3 - Authenticated (Subscriber+) Arbitrary File Download
RandomRobbieBF/CVE-2025-4578
File Provider <= 1.2.3 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2025-4840
Likes and Dislikes Plugin <= 1.0.0 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2025-5287
Likes and Dislikes Plugin <= 1.0.0 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2025-54726
JS Archive List <= 6.1.5 - Unauthenticated SQL Injection
RandomRobbieBF/CVE-2025-6970
Events Manager <= 7.0.3 - Unauthenticated SQL Injection via `orderby` Parameter
RandomRobbieBF/CVE-2025-8422
Propovoice <= 1.7.6.7 - Unauthenticated Arbitrary File Read