Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anycomment vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-21001
The anycomment plugin prior to 0.0.33 for WordPress has XSS.
Bologer Anycomment
6.1
CVSSv3
CVE-2021-24838
The AnyComment WordPress plugin prior to 0.3.5 has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Redirect issue, which according to the vendor, is a feature.
Bologer Anycomment
3.1
CVSSv3
CVE-2022-0279
The AnyComment WordPress plugin prior to 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users
Bologer Anycomment
8.8
CVSSv3
CVE-2022-0134
The AnyComment WordPress plugin prior to 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing malicious users to make logged in admin perform such actions via a CSRF attack
Bologer Anycomment
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started