Vulnerabilities > Gvectors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-25 | CVE-2024-9488 | Unspecified vulnerability in Gvectors Wpdiscuz The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24. | 9.8 |
| 2024-06-21 | CVE-2022-38055 | Cross-site Scripting vulnerability in Gvectors Wpforo Forum Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpForo Forum allows Content Spoofing.This issue affects wpForo Forum: from n/a through 2.0.9. | 5.4 |
| 2024-06-08 | CVE-2024-35681 | Cross-site Scripting vulnerability in Gvectors Wpdiscuz Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18. | 5.4 |
| 2024-02-01 | CVE-2023-51691 | Cross-site Scripting vulnerability in Gvectors Wpdiscuz Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from n/a through 7.6.12. | 4.8 |
| 2023-12-20 | CVE-2023-46311 | Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpdiscuz Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3. | 6.5 |
| 2023-12-18 | CVE-2023-49759 | Unspecified vulnerability in Gvectors Woodiscuz - Woocommerce Comments Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team WooDiscuz – WooCommerce Comments.This issue affects WooDiscuz – WooCommerce Comments: from n/a through 2.3.0. | 8.8 |
| 2023-11-30 | CVE-2023-47870 | Missing Authorization vulnerability in Gvectors Wpforo Forum Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6. | 8.8 |
| 2023-11-30 | CVE-2023-47872 | Cross-site Scripting vulnerability in Gvectors Wpforo Forum Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team wpForo Forum allows Stored XSS.This issue affects wpForo Forum: from n/a through 2.2.3. | 5.4 |
| 2023-11-22 | CVE-2023-47775 | Cross-Site Request Forgery (CSRF) vulnerability in Gvectors Wpdiscuz Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions. | 8.8 |
| 2023-11-06 | CVE-2023-47185 | Cross-site Scripting vulnerability in Gvectors Wpdiscuz Unauth. | 6.1 |