Vulnerabilities > Gvectors > Wpdiscuz

DATE CVE VULNERABILITY TITLE RISK
2024-10-25 CVE-2024-9488 Unspecified vulnerability in Gvectors Wpdiscuz
The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24.
network
low complexity
gvectors
critical
9.8
2024-06-08 CVE-2024-35681 Unspecified vulnerability in Gvectors Wpdiscuz
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18.
network
low complexity
gvectors
5.4
2024-02-01 CVE-2023-51691 Unspecified vulnerability in Gvectors Wpdiscuz
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from n/a through 7.6.12.
network
low complexity
gvectors
4.8
2023-12-20 CVE-2023-46311 Unspecified vulnerability in Gvectors Wpdiscuz
Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3.
network
low complexity
gvectors
6.5
2023-11-22 CVE-2023-47775 Unspecified vulnerability in Gvectors Wpdiscuz
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.
network
low complexity
gvectors
8.8
2023-11-06 CVE-2023-47185 Unspecified vulnerability in Gvectors Wpdiscuz
Unauth.
network
low complexity
gvectors
6.1
2023-10-20 CVE-2023-3869 Missing Authorization vulnerability in Gvectors Wpdiscuz
The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the voteOnComment function in versions up to, and including, 7.6.3.
network
low complexity
gvectors CWE-862
5.3
2023-10-20 CVE-2023-3998 Missing Authorization vulnerability in Gvectors Wpdiscuz
The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the userRate function in versions up to, and including, 7.6.3.
network
low complexity
gvectors CWE-862
5.3
2022-11-18 CVE-2022-43492 Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpdiscuz 7.4.2
Auth.
network
low complexity
gvectors CWE-639
8.8
2022-02-21 CVE-2022-23984 Information Exposure vulnerability in Gvectors Wpdiscuz
Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).
network
low complexity
gvectors CWE-200
7.5