558 matches found
CVE-2022-43492
CVE-2022-43492 affects WordPress with the wpDiscuz plugin at version 7.4.2. It is an Insecure Direct Object References (IDOR) in the Comments feature. The NVD entry lists CVSS v3.1 base metrics: 8.8 (High) with NEURAL: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H; PatchStack cites a lower impact vector. R...
Upgraded Q -> M from #323 [1668467355303]
Judge has assessed an item in Issue 323 as M risk. The relevant finding follows: L00: beforeTokenTransfer function called with wrong params in LBToken Line 237 seems to be a copy pasta mistake from line 209 in LBToken.sol. On line 237 when burning tokens, to should be zero, and amount of from's...
User can get details of the comments that were deleted
Description: When a user creates a new record he can add a comment on it. The user is also able to delete the comments, after which the user won't have access to that comment any more (replying, checking what the comment was). This vulnerability allows any user to see what the deleted comment was and...
GHSA-PRRH-QVHF-X788 PrestaShop Product Comments Cross-site Scripting vulnerability
Impact: An attacker could steal an admin's cookie. Patches: The issue is fixed in 5.0.2. References: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
WordPress Stop Spam Comments Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...
WP Comments Fields < 4.1 - Admin+ Stored Cross-Site Scripting
The plugin does not escape the Field Error Message, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. PoC: Create/edit a Comment Field (Comments > Comment Fields) and put the following payload in the Error Message setting: "autofocus...
CVE-2020-28036
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post...
Drupal Users without "Administer comments" can set comment visibility on nodes they can edit
Drupal 8.x before 8.1.10 does not properly check for "Administer comments" permission, which allows remote authenticated users to set the visibility of comments for arbitrary nodes by leveraging rights to edit those nodes...
GHSA-79M3-Q3WH-C3QM Publify Incorrect Authorization
Improper Access Control in GitHub repository publify/publify prior to 9.2.8. Anonymous users can't view but can leave comments on an article in draft mode...
GHSA-3FJ7-9J8M-7R8G Moodle Stored HTML in assignment submission comments allowed links to be opened directly
A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Links within assignment submission comments would open directly in the same window. Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more...
Moodle Stored HTML in assignment submission comments allowed links to be opened directly
A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Links within assignment submission comments would open directly in the same window. Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more...
GHSA-WP3G-PR4H-Q6VV Moodle does not enforce capability requirements for reading blog comments
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not enforce capability requirements for reading blog comments, which allows remote attackers to obtain sensitive information via a crafted request...
Turn off all comments <= 1.0 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the rows parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting https://example.com/wp-admin/tools.php?page=toac&status=success&rows=%3Csvg%2Fonload%3Dalert%28%2Fxss%2F%29%3E...
WordPress Turn off all comments plugin <= 1.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by p7e4 in WordPress Turn off all comments plugin versions <= 1.0. Solution: Deactivate and delete. This plugin has been closed as of April 19, 2022 and is not available for download. This closure is temporary, pending a full review...
Valorant cheats on YouTube are actually information-stealing malware
Valorant, the popular free-to-play team-based shooter, is attracting the attention of scammers. It is reported that a malware distribution campaign is leveraging YouTube to push infection files. The campaign distributes a file known for password theft, and hunts for those passwords in browsers,...
YzmCMS uncontrolled recursion vulnerability
YzmCMS is an open source content management system from the YzmCMS individual developers. An uncontrolled recursion vulnerability exists in YzmCMS v6.3, which stems from the fact that the comment function can operate concurrently; an attacker can use this vulnerability to create an unusually...
WordPress WP Ultimate CSV Importer plugin cross-site scripting vulnerability
WordPress is the WordPress Foundation's blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in versions of the WordPress WP Ultimate CSV Importer plugin prior to 6.4.3...
WordPress Comments Not Replied To plugin < 1.5.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Comments Not Replied To plugin versions < 1.5.2. Solution: Update the WordPress Comments Not Replied To plugin to the latest available version (at least 1.5.2)...
WordPress Comments Not Replied To plugin < 1.5.2 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Comments Not Replied To plugin versions < 1.5.2. Solution: Update the WordPress Comments Not Replied To plugin to the latest available version (at least 1.5.2)...
PeerTube authorization issue vulnerability
PeerTube is a decentralized video sharing service platform. It is used to create video projects. Versions of PeerTube prior to 4.1.0 contain an authorization issue vulnerability that can be exploited by attackers to create new comments or reply to comments in private videos...