Latest gvectors wpdiscuz Vulnerabilities

CVE-2023-51691
WordPress wpDiscuz Plugin <= 7.6.12 is vulnerable to Cross Site Scripting (XSS)
Gvectors Wpdiscuz<=7.6.12
CVE-2023-46311
WordPress wpDiscuz Plugin <= 7.6.3 is vulnerable to Insecure Direct Object References (IDOR)
Gvectors Wpdiscuz<7.6.4
CVE-2023-47775
WordPress wpDiscuz Plugin <= 7.6.11 is vulnerable to Cross Site Request Forgery (CSRF)
Gvectors Wpdiscuz<7.6.12
CVE-2023-47185
WordPress wpDiscuz Plugin <= 7.6.11 is vulnerable to Cross Site Scripting (XSS)
Gvectors Wpdiscuz<=7.6.11
CVE-2023-3998
The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the userRate function in versions up to, and including, 7.6.3. This makes i...
Gvectors Wpdiscuz<=7.6.3
CVE-2023-3869
The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the voteOnComment function in versions up to, and including, 7.6.3. This ma...
Gvectors Wpdiscuz<=7.6.3
CVE-2022-43492
Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz plugin 7.4.2 on WordPress.
Gvectors Wpdiscuz=7.4.2
CVE-2022-23984
Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).
Gvectors Wpdiscuz<=7.3.11
CVE-2021-24806
The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary co...
Gvectors Wpdiscuz<7.3.4
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the...
Gvectors Wpdiscuz>=7.0<=7.0.4
CVE-2020-13640
A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request...
Gvectors Wpdiscuz<=5.3.5

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203