Stored XSS via CSV File Upload (Writeup)CSV File Upload can be an Enty Point for Your Attack!Apr 17, 2025A response icon1Apr 17, 2025A response icon1
Privilege Escalation via Registration Feature WriteupMom, look. I’m an admin!Mar 30, 2025A response icon1Mar 30, 2025A response icon1
CVE-2024–54385 | WordPress PluginI discovered a Server-Side Request Forgery (SSRF) vulnerability in the Radio Player WordPress plugin, assigned as CVE-2024–54385Dec 17, 2024A response icon1Dec 17, 2024A response icon1
SSRF to Server Takeover PoC (Bug Bounty Writeup)Hi, there! In this post, I’ll explain how I discovered a critical vulnerability that allowed me to take over a server with root access…Aug 6, 2024A response icon3Aug 6, 2024A response icon3
