Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bologer anycomment vulnerabilities and exploits
(subscribe to this query)
3.1
CVSSv3
CVE-2022-0279
The AnyComment WordPress plugin prior to 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users
Bologer Anycomment
6.1
CVSSv3
CVE-2018-21001
The anycomment plugin prior to 0.0.33 for WordPress has XSS.
Bologer Anycomment
8.8
CVSSv3
CVE-2022-0134
The AnyComment WordPress plugin prior to 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing malicious users to make logged in admin perform such actions via a CSRF attack
Bologer Anycomment
6.1
CVSSv3
CVE-2021-24838
The AnyComment WordPress plugin prior to 0.3.5 has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Redirect issue, which according to the vendor, is a feature.
Bologer Anycomment
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started