2 matches found
CVE-2025-14370
The Quote Comments plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.0.0. This is due to missing authorization checks in the quotecommentsaddadmin function. This makes it possible for authenticated attackers, with Subscriber-level access and above...
WordPress Quote Comments plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Update vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Settings Update vulnerability discovered by Legion Hunter in WordPress Plugin Quote Comments versions = 3.0.0...