pyus3r

Available for immediate withdrawal€10,772

Professional Bio

21y/o Bug Bounty Hunter & Founder of Logical Breach Academy

Documented

Writeups

Cheatsheets

Tools

Featured Content

Insecure Direct Object Reference (IDOR) (CWE-639)FREE

IDOR Leading to Plaintext SFTP Credential Disclosure and Unauthorized SFTP Access

An Insecure Direct Object Reference (IDOR) vulnerability in the organization API allows authenticated users to manipulate the identifier parameter and retrieve plaintext SFTP credentials belonging to other users or organizations, potentially leading to unauthorized access to sensitive files stored on the SFTP server.

pyus3r

Mar 16, 2026

CVSS10

€7,000

Cross-site Scripting (XSS) - Generic (CWE-79)FREE

Cross-Site Scripting (XSS) Cheat Sheet

This cheat sheet covers: - Reflected XSS: Payloads reflected in the immediate response. - Stored XSS: Payloads persisted in the database. - DOM-based XSS: Payloads executed via client-side JavaScript. - Framework-specific XSS: Exploiting template engines like AngularJS. - Bypass Techniques: WAF evasion and encoding.

pyus3r

Mar 7, 2026

Cross-site Scripting (XSS) - Reflected (CWE-79)FREE

CVE-2025-24752: Reflected XSS in popup-selector Parameter of Essential Addons for Elementor ≤ 6.0.14

This writeup details a high-severity Reflected Cross-Site Scripting (XSS) vulnerability (CVE-2025-24752) discovered in the Essential Addons for Elementor plugin for WordPress (by WPDeveloper).

pyus3r

Mar 6, 2026

CVSS5.1

€734

LogicalBreach Academy

pyus3r

Professional Bio

Featured Content

IDOR Leading to Plaintext SFTP Credential Disclosure and Unauthorized SFTP Access

Cross-Site Scripting (XSS) Cheat Sheet

CVE-2025-24752: Reflected XSS in popup-selector Parameter of Essential Addons for Elementor ≤ 6.0.14