Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.9 views

CVE-2026-8902

The AJAX Report Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the rcoptionspage function. This makes it possible for unauthenticated attackers to modify plugin settings...

4.3CVSS5.4AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:16 a.m.15 views

CVE-2026-8902

The AJAX Report Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the rcoptionspage function. This makes it possible for unauthenticated attackers to modify plugin settings...

4.3CVSS0.00124EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 3:41 a.m.12 views

CVE-2026-8902 AJAX Report Comments <= 2.0.4 - Cross-Site Request Forgery to Settings Update

The AJAX Report Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the rcoptionspage function. This makes it possible for unauthenticated attackers to modify plugin settings...

4.3CVSS5.4AI score0.00124EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/06/08 3:5 p.m.10 views

WordPress AJAX Report Comments plugin <= 2.0.4 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin AJAX Report Comments versions = 2.0.4...

4.3CVSS5.5AI score0.00124EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder