I am a freelance Security Researcher and Bug Bounty Hunter with a focus on web-based vulnerabilities. Actively contributing on HackerOne, I have made 41 submissions in 2024, including 11 critical and 19 high-severity findings. My expertise lies in identifying and reporting vulnerabilities to enhance web application security. In addition, in 2023, I responsibly disclosed a critical Stored XSS vulnerability in Jetpack, a widely used WordPress plugin. This vulnerability, present since Jetpack 5.1 (July 2017), was patched in Jetpack 7.9.1.
• Identifying security vulnerabilities in websites, applications, and systems.
• Creating and testing proofs-of-concept to demonstrate the severity and impact of the discovered vulnerabilities.
• Submitting comprehensive reports to platforms such as HackerOne and Bugcrowd, including clear reproduction steps, affected components, and risk assessments.
In 2024, I have completed 41 submissions, including 11 critical and 19 high-severity findings. My expertise centers around identifying and reporting vulnerabilities to enhance the security of web applications. Notably, in 2023, I responsibly disclosed a critical Stored XSS vulnerability in Jetpack, a popular WordPress plugin. This vulnerability, which had been present since Jetpack 5.1 (July 2017), was patched in Jetpack 7.9.1.
Web Application Security
Bug Bounty Hunting
CTF Participation
Programming
Vulnerability Analysis
Communication
Continuous Learning