CVE-2023-51691

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from n/a through 7.6.12...

Authorization

Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3...

CVE-2022-43492

Auth. subscriber+ Insecure Direct Object References IDOR vulnerability in Comments – wpDiscuz plugin 7.4.2 on WordPress...