Flywheel Subdomain Takeover

Flywheel is managed WordPress hosting built for designers and creative agencies to build, scale, and manage hundreds of WordPress sites with ease. One can set up a WordPress site in less…

POST based Open Redirect to R-XSS

Hope you guys are fine in this hard time, I am glad to share something which I have recently discovered and it’s about escalating Informational issue to Medium severity. i.e…

The Tricky XSS

Hello everyone, I would like to share a riveting issue regarding XSS (Cross-Site Scripting ) I endured a few months ago. Cross-site scripting (XSS) is a type of security vulnerability…

An inconsistent CSRF

I discovered Cross-Site Request Forgery (CSRF) issue in one of the bug bounty programs but limited to some easy and simple actions only. After spending a few minutes by browsing…