Lucene search
K

33 matches found

CNNVD
CNNVD
added 2025/11/13 12:0 a.m.5 views

WordPress plugin Comment Edit Core – Simple Comment Editing 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Comment Edit Core - Simple Comment Editing has an information disclosure...

5.3CVSS5.7AI score0.00262EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/11/12 11:45 p.m.5 views

WordPress Comment Edit Core – Simple Comment Editing plugin <= 3.1.0 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Powpy in WordPress Plugin Comment Edit Core – Simple Comment Editing versions = 3.1.0...

5.3CVSS6.7AI score0.00262EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/06/19 10:15 a.m.4 views

CVE-2025-5071

The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'MeowMWAILabsMCP::canaccessmcp' function in versions 2.8.0 to 2.8.3. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS5.8AI score0.00603EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:0 p.m.22 views

CVE-2025-24703

Server-Side Request Forgery SSRF vulnerability in Ronald Huereca Comment Edit Core – Simple Comment Editing simple-comment-editing allows Server Side Request Forgery.This issue affects Comment Edit Core – Simple Comment Editing: from n/a through = 3.0.33...

4.4CVSS7.2AI score0.0031EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/24 11:47 a.m.4 views

WordPress Comment Edit Core – Simple Comment Editing Plugin <= 3.0.33 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Marek Mikita in WordPress Plugin Comment Edit Core – Simple Comment Editing versions = 3.0.33...

4.4CVSS7AI score0.0031EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/01/24 12:0 a.m.4 views

WordPress plugin Comment Edit Core – Simple Comment Editing 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPres...

4.4CVSS8.4AI score0.0031EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.7 views

PT-2025-5517 · Unknown · Dlx Plugins Comment Edit Core

Name of the Vulnerable Software and Affected Versions: DLX Plugins Comment Edit Core – Simple Comment Editing versions through 3.0.33 Description: A Server-Side Request Forgery SSRF issue affects the software, allowing for Server Side Request Forgery. Recommendations: For versions through 3.0.33,...

4.4CVSS7AI score0.0031EPSS
Exploits0References3
wpexploit
wpexploit
added 2022/03/29 12:0 a.m.58 views

DW Question & Answer Pro <= 1.3.4 - Arbitrary Comment Edition via IDOR

The plugin does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments. Vendor was notified via Envato on September 28th, 2021, but did not properly fix the issue and was notified numerous times since. As any authenticated user, post a...

4.3CVSS0.7AI score0.00632EPSS
Exploits2
OSV
OSV
added 2020/03/12 2:15 p.m.4 views

CVE-2020-10504

CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request...

4.3CVSS5.8AI score0.00485EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2017/12/08 12:0 a.m.14 views

GitLab -- multiple vulnerabilities

GitLab reports: User without access to private Wiki can see it on the project page Matthias Burtscher reported that it was possible for a user to see a private Wiki on the project page without having the corresponding permission. E-mail address disclosure through member search fields Hugo Geoffro...

0.4AI score
Exploits0References1
Hacker One
Hacker One
added 2016/11/12 1:24 p.m.23 views

X (Formerly Twitter): [IDOR][translate.twitter.com] Opportunity to change any comment at the forum

POC: https://translate.twitter.com/forum/getting-started/topics/7037/posts/43287/edit Steps to reproduce: 1 Go to any forums topic for example: https://translate.twitter.com/forum/getting-started/topics/7037 2 View source code of the page and take post id screenshot "idor edit.jpg" 3 Append...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2015/03/10 9:12 a.m.34 views

Vimeo: A user can edit comments even after video comments are disabled

A user can escalate privileges and edit his previous comments, when comments are disabled for a video. Steps to verify: 1. Log into vimeo.com as Alice. Upload a video say, video id - 118026546 and allow anyone to leave comments for that video . 2. Login as Bob and navigate to the video URL -...

Exploits0
Cvelist
Cvelist
added 2010/05/26 6:0 p.m.18 views

CVE-2009-4874

TalkBack 2.3.14 does not properly restrict access to the edit comment feature comments.php, which allows remote attackers to modify comments...

6.7AI score0.02605EPSS
Exploits1References6
Rows per page
Query Builder