Skip to content
View windz3r0day's full-sized avatar
πŸ‘¨β€πŸ’»
I'm writing an exploit for CVE...
πŸ‘¨β€πŸ’»
I'm writing an exploit for CVE...
8 followers · 1 following

Highlights

  • Pro

Block or report windz3r0day

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
windz3r0day/README.md

πŸ” CVE Researcher & WordPress Vulnerability Hunter

Profile Views
WordPress CVE Badge
CVE Badge

πŸ‘¨β€πŸ’» About Me

Hello! I'm windz3r0day, a CVE Researcher with a passion for discovering and responsibly disclosing vulnerabilities in WordPress plugins, themes, and core components.

My mission is to identify critical flaws in WordPress and contribute to a safer digital ecosystem by ensuring vulnerabilities are addressed by the community.

  • πŸ”Ž Focus Areas: Security research, vulnerability discovery, and CVE disclosures in WordPress.
  • πŸ› οΈ Core Skills: Penetration testing, fuzzing, reverse engineering.
  • 🌍 Mission: Enhance security and protect websites worldwide through responsible vulnerability disclosure.

🧩 CVE Research & Vulnerability Disclosure

πŸ•΅οΈβ€β™‚οΈ Current CVEs:

CVE ID Description Severity PoC Available
CVE-2024-10793 XSS in WordPress Plugin WP Activity Log High βœ…
CVE-2024-10015 XSS in WordPress Plugin ConvertCalculator Medium βœ…
CVE-2024-10592 XSS in WordPress Plugin The Mapster WP Maps Medium βœ…
CVE-2024-11381 XSS in WordPress Plugin Control horas Medium βœ…
CVE-2024-11428 XSS in WordPress Plugin Lazy load videos and sticky control Medium βœ…
CVE-2024-11412 XSS in WordPress Plugin Shine PDF Embeder Medium βœ…
CVE-2024-11388 XSS in WordPress Plugin Dino Game Medium βœ…
CVE-2024-11432 XSS in WordPress Plugin SuevaFree Essential Kit Medium βœ…
CVE-2024-11199 XSS in WordPress Plugin Rescue Shortcodes Medium βœ…
CVE-2024-11387 XSS in WordPress Plugin Easy Liveblogs Medium βœ…

I disclose vulnerabilities responsibly and provide a detailed analysis for each CVE discovered. For more detailed reports, check the official CVE database and my blog.

πŸ› οΈ Tools & Techniques

  • πŸ”§ Tools: Burp Suite, Wireshark, Ghidra, Fuzzing Tools, WPScan.
  • πŸ§ͺ Techniques: Reverse engineering, fuzz testing, exploitation, static & dynamic analysis.

Donate

  • Monero(XMR): 4AYp8xqfLhdNzrrYMsrFDFGxgDVXaTJxGV63tg3CcVvajhQsHrdqAjXfsV42C3WfA6cifKMkrcYfXMUnbdKx8tceK54jqV7

πŸ“Š GitHub Stats

⚠️ Disclaimer

All content and research are shared for ethical and educational purposes only. Any misuse of this information for malicious purposes is strongly discouraged.

⭐️ Feel free to explore my repositories, follow my work, and join me in making WordPress more secure!

Popular repositories Loading

  1. CVE-2024-10793 CVE-2024-10793 Public

    CVE-2024-10793 poc exploit

    Shell 7 2

  2. CVE-2024-10015 CVE-2024-10015 Public

    CVE-2024-10015 poc exploit

    2

  3. CVE-2024-10592 CVE-2024-10592 Public

    CVE-2024-10592 poc exploit

    2

  4. windz3r0day windz3r0day Public

    Config files for my GitHub profile.

    1

  5. CVE-2024-11432 CVE-2024-11432 Public

    CVE-2024-11432 poc exploit

    1

  6. CVE-2024-11388 CVE-2024-11388 Public

    CVE-2024-11388 poc exploit

    1