SecNews


4 total issues disclosed

$300 total paid publicly


Most disclosed (2 disclosures) — Violation of Secure Design Principles

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
DOM based XSS in search functionality Cross-site Scripting (XSS) - Generic sameoldstory Medium 2016-11-16
Text injection on error page. Violation of Secure Design Principles h4rsh4d No rating 2016-08-09
Content spoofing due to the improper behavior of the not-found message Violation of Secure Design Principles malcolmx No rating 2016-08-09
Querying private posts and changing post meta Privilege Escalation sameoldstory No rating 2016-08-09