Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2023/06/07 2:15 a.m.9 views

CVE-2016-15033

The Delete All Comments plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the via the delete-all-comments.php file in versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affecte...

9.8CVSS9.9AI score0.05595EPSS
Exploits1References3
OSV
OSVadded 2023/06/07 2:15 a.m.1 views

CVE-2016-15033

The Delete All Comments plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the via the delete-all-comments.php file in versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affecte...

9.8CVSS6.4AI score
Exploits0References3
CNNVD
CNNVDadded 2023/06/07 12:0 a.m.1 views

WordPress Plugin Delete All Comments 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

9.8CVSS8.5AI score0.05595EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2023/06/07 12:0 a.m.2 views

PT-2023-10352 · WordPress · Delete All Comments

Name of the Vulnerable Software and Affected Versions: Delete All Comments plugin for WordPress versions up to, and including, 2.0 Description: The issue arises from missing file type validation in the delete-all-comments.php file, allowing unauthenticated attackers to upload arbitrary files on t...

9.8CVSS9.7AI score0.05595EPSS
Exploits1References5
Patchstack
Patchstackadded 2022/02/28 12:0 a.m.7 views

WordPress Delete All Comments of wordpress plugin <= 4.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Delete All Comments of wordpress plugin versions = 4.2. Solution Update the WordPress Delete All Comments of wordpress plugin to the latest available version at least 4.3...

4.4AI score
Exploits0References2Affected Software1
Patchstack
Patchstackadded 2022/02/28 12:0 a.m.10 views

WordPress Delete All Comments of wordpress plugin <= 4.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Delete All Comments of wordpress plugin versions = 4.2. Solution Update the WordPress Delete All Comments of wordpress plugin to the latest available version at least 4.3...

2.7AI score
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2021/11/01 12:0 a.m.1 views

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress Delete All Comments Easily plugin in version 1.3 and earlier is vulnerable to cross-site request forgery, which can ...

6.5CVSS5.3AI score0.00233EPSS
Exploits1References2
Rows per page
Query Builder