20 matches found
WordPress AnyComment plugin <= 0.3.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rooting in WordPress Plugin AnyComment versions <= 0.3.6...
WordPress plugin AnyComment security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2021-11750
Malware in sbrugna...
EUVD-2022-15453
Malicious code in bioql PyPI...
CVE-2022-0279
The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users...
CVE-2018-21001
The anycomment plugin before 0.0.33 for WordPress has XSS...
WordPress AnyComment Plugin <= 0.0.98 is vulnerable to Cross Site Scripting (XSS)
Software: AnyComment; Type: Plugin; Vulnerable versions: <= 0.0.98; Fixed in: 0.0.99; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: High; CVSS severity: High (7.1); PSID: 1f6e48daf8e4; Credits: Rafie Muhammad Patchstack; Required...
WordPress Cross-Site Request Forgery Vulnerability (CNVD-2022-25195)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the AnyComment plugin for WordPress, versions...
CVE-2022-0279
The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users...
CVE-2022-0279 AnyComment < 0.2.18 - Comment Rating Increase/Decrease via Race Condition
The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users...
WordPress cross-site request forgery vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the AnyComment plugin for WordPress, versions...
WordPress AnyComment plugin <= 0.2.17 - Arbitrary HyperComments Import/Revert via CSRF vulnerability
Arbitrary HyperComments Import/Revert via CSRF vulnerability discovered by Brandon Roldan in WordPress AnyComment plugin versions <= 0.2.17. Solution: Update the WordPress AnyComment plugin to the latest available version (at least 0.2.18)...
WordPress AnyComment plugin <= 0.2.17 - Comment Rating Increase/Decrease via Race Condition vulnerability
Comment Rating Increase/Decrease via Race Condition vulnerability discovered by Brandon Roldan in WordPress AnyComment plugin versions <= 0.2.17. Solution: Update the WordPress AnyComment plugin to the latest available version (at least 0.2.18)...
AnyComment < 0.2.18 - Arbitrary HyperComments Import/Revert via CSRF
The plugin does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make a logged-in admin perform such actions via a CSRF attack. PoC: Go to https://example.com/wordpress/wp-admin/admin.php?r=import%2Fhypercomments=http://, and you will see a GET request in yo...
WordPress plugin AnyComment input validation error vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. An input validation error vulnerability...
WordPress AnyComment plugin <= 0.3.4 - Open Redirect vulnerability
Open Redirect vulnerability discovered by Brandon Roldan in WordPress AnyComment plugin versions <= 0.3.4. Solution: Update the WordPress AnyComment plugin to the latest available version (at least 0.3.5)...
AnyComment <= 0.3.1 - Open Redirect
The plugin has an API endpoint which passes user input via the redirect parameter to the wp_redirect function without validating it first, leading to an Open Redirect issue, which, according to the vendor, is a feature...
CVE-2018-21001
The anycomment plugin before 0.0.33 for WordPress has XSS...
Cross site scripting
The anycomment plugin before 0.0.33 for WordPress has XSS...
CVE-2018-21001
The anycomment plugin before 0.0.33 for WordPress has XSS...