WordPress WP Social Comments plugin <= 1.7.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Friday Patchstack Alliance in WordPress Plugin WP Social Comments versions = 1.7.3...

WordPress Plugin Social Share, Social Login and Social Comments Plugin 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress Plugin Social Share, Social Login and...

CVE-2023-23733

CVE-2023-23733 concerns the WordPress plugin Lazy Social Comments (aka lazy-facebook-comments) with a stored XSS vulnerability in versions 2.0.4), or apply vendor-provided mitigations. Exploitation status: not observed in provided docs beyond advisory entries; no in-the-wild exploit details are g...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Team Heateor WordPress Social Comments Plugin for Vkontakte Comments and Disqus Comments plugin = 1.6.1 versions...

CVE-2023-23977

CVE-2023-23977 affects the Team Heateor WordPress Social Comments Plugin for Vkontakte Comments and Disqus Comments, versioned ≤ 1.6.1. The vulnerability is a Stored Cross-Site Scripting (XSS) that requires authentication (Contributor+). The issue stems from insufficient escaping/validation of sh...