Lucene search

K

Edit Comments Security Vulnerabilities

cve
cve

CVE-2021-38336

The Edit Comments XT WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/edit-comments-xt.php file which allows attackers to inject arbitrary web scripts, in versions up to and including...

6.1CVSS

6AI Score

0.001EPSS

2021-09-10 02:15 PM
22
cve
cve

CVE-2021-24551

The Edit Comments WordPress plugin through 0.3 does not sanitise, validate or escape the jal_edit_comments GET parameter before using it in a SQL statement, leading to a SQL injection...

9.8CVSS

9.7AI Score

0.003EPSS

2021-08-23 12:15 PM
31
cve
cve

CVE-2013-2122

The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comments, which allows remote authenticated users with the "edit comments" permission to edit arbitrary comments of other users via unspecified...

6.5AI Score

0.008EPSS

2013-07-16 06:55 PM
21