Disqus Comment System Security Vulnerabilities and Issues — Disqus Comment System CVE List

Lucene search

DisqusDisqus Comment System

3 matches found

CVE•added 2014/08/19 7:55 p.m.•35 views

CVE-2014-5347

Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin before 2.76 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) disqus_replace, (2) disqus_public_k...

6.8CVSS6.8AI score0.03145EPSS

CVE•added 2014/08/19 7:55 p.m.•34 views

CVE-2014-5345

Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus Comment System plugin before 2.76 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step parameter.

4.3CVSS6AI score0.02387EPSS

CVE•added 2014/08/19 7:55 p.m.•30 views

CVE-2014-5346

Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin 2.77 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) activate or (2) deactivate the plugin via the active parameter to wp-admin/edit-comments.php,...

6.8CVSS7.5AI score0.00248EPSS