Raphael Karger

3 exploits Active since May 2020
CVE-2019-25763 EXPLOITDB CRITICAL python WORKING POC
WordPress Ultimate Addons for Beaver Builder 1.2.4.1 Authentication Bypass
WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability that allows attackers to gain unauthorized access by exploiting the social media login form functionality. Attackers can submit a POST request to the admin-ajax.php endpoint with the uabb-lf-google-submit action, a valid administrator email address, and a valid nonce to obtain session cookies and authenticate as that user.
CVSS 9.8
CVE-2020-13693 EXPLOITDB CRITICAL python WORKING POC
bbPress <2.6.5 - Privilege Escalation
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
CVSS 9.8
EIP-2026-113832 EXPLOITDB python WORKING POC
WordPress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass