Vulnerabilities > Bologer

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2022-02-21 | CVE-2022-0134 | Cross-Site Request Forgery (CSRF) vulnerability in Bologer Anycomment | The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make a logged-in admin perform such actions via a CSRF attack. | network; low complexity; bologer CWE-352; 8.8 |
| 2022-02-21 | CVE-2022-0279 | Race Condition vulnerability in Bologer Anycomment | The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users. | network; high complexity; bologer CWE-362; 3.1 |
| 2022-01-17 | CVE-2021-24838 | Open Redirect vulnerability in Bologer Anycomment | The AnyComment WordPress plugin before 0.3.5 has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without validating it first, leading to an Open Redirect issue, which, according to the vendor, is a feature. | network; low complexity; bologer CWE-601; 6.1 |
| 2019-08-27 | CVE-2018-21001 | Cross-site Scripting vulnerability in Bologer Anycomment 0.0.1/0.0.2/0.0.32 | The anycomment plugin before 0.0.33 for WordPress has XSS. | network; low complexity; bologer CWE-79; 6.1 |