57 matches found
EUVD-2021-11637
Malware in sbrugna...
EUVD-2025-5629
Malicious code in bioql PyPI...
EUVD-2025-28374
Malicious code in bioql PyPI...
IBM InfoSphere Information Server 安全漏洞
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A security vulnerability exists in IBM InfoSphere Information Server versions 11.7.0.0 through...
CVE-2021-24725
The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary comments...
CVE-2020-36505
The Delete All Comments Easily WordPress plugin through 1.3 is lacking Cross-Site Request Forgery CSRF checks, which could result in an unauthenticated attacker making a logged in admin delete all comments from the blog...
CVE-2025-25130
Relative Path Traversal vulnerability in Shah Alom Delete Comments By Status delete-comments-by-status allows Path Traversal.This issue affects Delete Comments By Status: from n/a through = 2.1.1...
CVE-2025-25130
Relative Path Traversal vulnerability in Shah Alom Delete Comments By Status delete-comments-by-status allows Path Traversal.This issue affects Delete Comments By Status: from n/a through = 2.1.1...
CVE-2025-25130 WordPress Delete Comments By Status plugin <= 1.5.3 - Local File Inclusion vulnerability
Relative Path Traversal vulnerability in NotFound Delete Comments By Status allows PHP Local File Inclusion. This issue affects Delete Comments By Status: from n/a through 2.1.1...
CVE-2025-25130 WordPress Delete Comments By Status plugin <= 1.5.3 - Local File Inclusion vulnerability
Relative Path Traversal vulnerability in Shah Alom Delete Comments By Status delete-comments-by-status allows Path Traversal.This issue affects Delete Comments By Status: from n/a through = 2.1.1...
CVE-2025-25130
CVE-2025-25130 corresponds to a Relative Path Traversal that enables unauthenticated PHP Local File Inclusion in the WordPress plugin Delete Comments By Status (affected: Delete Comments By Status, versions
WordPress Delete Comments By Status plugin <= 1.5.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Dimas Maulana in WordPress Plugin Delete Comments By Status versions = 2.1.1...
PT-2024-37150 · WordPress · Tutor Lms Pro
Name of the Vulnerable Software and Affected Versions: The Tutor LMS Pro plugin for WordPress versions up to, and including, 2.7.2 Description: The issue allows authenticated attackers with subscriber-level access and above to perform administrative actions on the site, such as deleting comments,...
CVE-2023-28876
A Broken Access Control issue in comments to uploaded files in Filerun through Update 20220202 allows attackers to delete comments on files uploaded by other users...
Afian FileRun security vulnerability
Afian FileRun is a full-featured web-based file manager. A security vulnerability exists in Afian FileRun that stems from the presence of a corrupted access control issue that allows an attacker to delete comments on files uploaded by other users...
CVE-2020-36697
The WP GDPR plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This makes it possible for unauthenticated attackers to delete any comment and modify the plugin’s settings...
WordPress plugin Rich Reviews by Starfish 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2022-1709
The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when deleting comments either all, spam, or pending, allowing attackers to make a logged in admin delete comments via a CSRF attack...
Cross site request forgery (csrf)
The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when deleting comments either all, spam, or pending, allowing attackers to make a logged in admin delete comments via a CSRF attack...
CVE-2021-24806
The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make...