~/security-research
$./list_cves.sh --researcher=n0_arafat_n0|
cd ..
Patchstack Profile[CVE_DISCLOSURES]
9
Total Vulnerabilities
7
Published CVEs
7.5
Highest CVSS
@n0_arafat_n0
Responsible Disclosure · Patchstack VDP
CVE-2025-62039CVSS 7.5
AI ChatBot with ChatGPT and Content Generator by AYS
WordPress · ≤ 2.6.6
Sensitive Data Exposure
HighAdvisory
CVE-2025-58680CVSS 6.5
Gutentor
WordPress · ≤ 3.5.2
Broken Access Control
MediumAdvisory
CVE-2025-59562CVSS 5.5
Academy LMS
WordPress · ≤ 3.3.4
Insecure Direct Object Reference (IDOR)
MediumAdvisory
CVE-2025-58981CVSS 5.4
Accessibility Checker by Equalize Digital
WordPress · ≤ 1.30.0
Insecure Direct Object Reference (IDOR)
MediumAdvisory
CVE-2025-64277CVSS 5.3
ChatBot
WordPress · ≤ 7.3.9
Broken Access Control
MediumAdvisory
CVE-2025-62932CVSS 4.3
Table Block by RioVizual
WordPress · ≤ 3.0.1
Broken Access Control
MediumAdvisory
CVE-2025-62931CVSS 4.3
MSN Partner Hub
WordPress · ≤ 2.9
Broken Access Control
MediumAdvisory
CVE · reservedCVSS 5.4
Event Tickets
WordPress · ≤ 5.26.3
Broken Access Control
MediumAdvisory
CVE · reservedCVSS 5
Publitio
WordPress · ≤ 2.2.5
Sensitive Data Exposure
MediumAdvisory
CVEs Discovered by Easin Arafat (n0_arafat_n0)
Easin Arafat, Application Security Engineer at Startise, is a security researcher credited on the Patchstack Vulnerability Disclosure Program under the handle n0_arafat_n0. He has responsibly disclosed 9 security vulnerabilities in WordPress plugins, spanning Broken Access Control, Insecure Direct Object Reference (IDOR), and Sensitive Data Exposure.
- CVE-2025-62039: AI ChatBot with ChatGPT and Content Generator by AYS ≤ 2.6.6 — Sensitive Data Exposure (CVSS 7.5, High) reported by Easin Arafat (n0_arafat_n0) via Patchstack.
- CVE-2025-58680: Gutentor ≤ 3.5.2 — Broken Access Control (CVSS 6.5, Medium) reported by Easin Arafat (n0_arafat_n0) via Patchstack.
- CVE-2025-59562: Academy LMS ≤ 3.3.4 — Insecure Direct Object Reference (IDOR) (CVSS 5.5, Medium) reported by Easin Arafat (n0_arafat_n0) via Patchstack.
- CVE-2025-58981: Accessibility Checker by Equalize Digital ≤ 1.30.0 — Insecure Direct Object Reference (IDOR) (CVSS 5.4, Medium) reported by Easin Arafat (n0_arafat_n0) via Patchstack.
- CVE-2025-64277: ChatBot ≤ 7.3.9 — Broken Access Control (CVSS 5.3, Medium) reported by Easin Arafat (n0_arafat_n0) via Patchstack.
- CVE-2025-62932: Table Block by RioVizual ≤ 3.0.1 — Broken Access Control (CVSS 4.3, Medium) reported by Easin Arafat (n0_arafat_n0) via Patchstack.
- CVE-2025-62931: MSN Partner Hub ≤ 2.9 — Broken Access Control (CVSS 4.3, Medium) reported by Easin Arafat (n0_arafat_n0) via Patchstack.
- Event Tickets ≤ 5.26.3 — Broken Access Control (CVSS 5.4, Medium) reported by Easin Arafat (n0_arafat_n0) via Patchstack.
- Publitio ≤ 2.2.5 — Sensitive Data Exposure (CVSS 5, Medium) reported by Easin Arafat (n0_arafat_n0) via Patchstack.