Vulnerabilities > Disable Comments > Disable Comments Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-19 | CVE-2014-2550 | Cross-Site Request Forgery (CSRF) vulnerability in Disable Comments Disable Comments Project Cross-site request forgery (CSRF) vulnerability in the Disable Comments plugin before 1.0.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that enable comments via a request to the disable_comments_settings page to wp-admin/options-general.php. | 6.8 |