CVE-2014-5347

🗓️ 19 Aug 2014 19:55:04Reported by [email protected]Type

Multiple CSRF vulnerabilities in Disqus Comment System plugin before 2.76 for WordPress allow remote attackers to hijack administrator authentication and conduct XSS attacks

Reporter	Title	Published	Views	Family All 5
CVE	CVE-2014-5347	19 Aug 201419:00	–	cve
Cvelist	CVE-2014-5347	19 Aug 201419:00	–	cvelist
EUVD	EUVD-2014-5236	7 Oct 202500:30	–	euvd
Prion	Cross site request forgery (csrf)	19 Aug 201419:55	–	prion
WPVulnDB	Disqus <= 2.75 - Cross-Site Scripting (XSS) & CSRF	12 Aug 201400:00	–	wpvulndb

NVD

Node

disqus disqus_comment_systemRange≤2.75wordpress

disqus disqus_comment_systemMatch2.40wordpress

disqus disqus_comment_systemMatch2.41wordpress

disqus disqus_comment_systemMatch2.42wordpress

disqus disqus_comment_systemMatch2.43wordpress

disqus disqus_comment_systemMatch2.44wordpress

disqus disqus_comment_systemMatch2.45wordpress

disqus disqus_comment_systemMatch2.46wordpress

disqus disqus_comment_systemMatch2.47wordpress

disqus disqus_comment_systemMatch2.48wordpress

disqus disqus_comment_systemMatch2.49wordpress

disqus disqus_comment_systemMatch2.50wordpress

disqus disqus_comment_systemMatch2.51wordpress

disqus disqus_comment_systemMatch2.52wordpress

disqus disqus_comment_systemMatch2.53wordpress

disqus disqus_comment_systemMatch2.54wordpress

disqus disqus_comment_systemMatch2.55wordpress

disqus disqus_comment_systemMatch2.60wordpress

disqus disqus_comment_systemMatch2.61wordpress

disqus disqus_comment_systemMatch2.62wordpress

disqus disqus_comment_systemMatch2.63wordpress

disqus disqus_comment_systemMatch2.64wordpress

disqus disqus_comment_systemMatch2.65wordpress

disqus disqus_comment_systemMatch2.66wordpress

disqus disqus_comment_systemMatch2.67wordpress

disqus disqus_comment_systemMatch2.68wordpress

disqus disqus_comment_systemMatch2.69wordpress

disqus disqus_comment_systemMatch2.70wordpress

disqus disqus_comment_systemMatch2.71wordpress

disqus disqus_comment_systemMatch2.72wordpress

disqus disqus_comment_systemMatch2.73wordpress

disqus disqus_comment_systemMatch2.74wordpress

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/95289
gist	www.gist.github.com/nikcub/cb5dc7a5464276c8424a
seclists	www.seclists.org/fulldisclosure/2014/Aug/35
exploit-db	www.exploit-db.com/exploits/34336
packetstormsecurity	www.packetstormsecurity.com/files/127852/Disqus-2.7.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
securityfocus	www.securityfocus.com/bid/69205
nikcub	www.nikcub.com/posts/multiple-vulnerabilities-in-disqus-wordpress-plugin
wordpress	www.wordpress.org/plugins/disqus-comment-system/other_notes
packetstormsecurity	www.packetstormsecurity.com/files/127847/WordPress-Disqus-2.7.5-CSRF-Cross-Site-Scripting.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/95288

06 May 2026 22:30Current

6.7Medium risk

Vulners AI Score6.7

CVSS 26.8

EPSS0.03019

CWE-352