Wpdiscuz Security Vulnerabilities and Issues — Wpdiscuz CVE List

Lucene search

GvectorsWpdiscuz

5 matches found

CVE•added 2023/11/22 7:15 p.m.•64 views

CVE-2023-47775

Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin

8.8CVSS6.5AI score0.0007EPSS

CVE•added 2023/10/20 8:15 a.m.•49 views

CVE-2023-3998

The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the userRate function in versions up to, and including, 7.6.3. This makes it possible for unauthenticated attackers to increase or decrease the rating of a post.

5.3CVSS5.5AI score0.00221EPSS

CVE•added 2023/12/20 2:15 p.m.•46 views

CVE-2023-46311

Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3.

6.5CVSS5AI score0.00065EPSS

CVE•added 2023/10/20 8:15 a.m.•44 views

CVE-2023-3869

The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the voteOnComment function in versions up to, and including, 7.6.3. This makes it possible for unauthenticated attackers to increase or decrease the rating of a comment.

5.3CVSS5.5AI score0.00221EPSS

CVE•added 2023/11/06 11:15 a.m.•41 views

CVE-2023-47185

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team Comments — wpDiscuz plugin

6.1CVSS5.8AI score0.00117EPSS