EUVD-2013-1447

Malware in sbrugna...

CVE-2023-49159

Server-Side Request Forgery SSRF vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4...

WordPress CommentLuv Plugin <= 4 is vulnerable to Server Side Request Forgery (SSRF)

Software CommentLuv Type Plugin Vulnerable versions = 4 Fixed in N/A OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2023-49159 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID 30f6e52299e3 Credits Yuchen Ji Require...

CVE-2013-1409

Cross-site scripting XSS vulnerability in the CommentLuv plugin before 2.92.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxnonce parameter to wp-admin/admin-ajax.php...

WordPress CommentLuv Plugin - Cross Site Scripting

WordPress CommentLuv plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...