CVE-2022-4265

The Replyable WordPress plugin before 2.2.10 does not validate the class name submitted by the request when instantiating an object in the promptdismissnotice action and also lacks CSRF check in the related action. This could allow any authenticated users, such as subscriber to perform Object...

PT-2023-14142 · WordPress · Replyable

Name of the Vulnerable Software and Affected Versions: Replyable WordPress plugin versions prior to 2.2.10 Description: The issue arises from the lack of validation of the class name submitted by the request when instantiating an object in the prompt dismiss notice action, and the absence of a CS...

WordPress plugin Replyable 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

Postmatic <= 1.4.5 - Cross-Site Scripting (XSS)

The Replyable – Subscribe to Comments and Reply by Email WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...