Vulnerabilities > Gvectors > Wpdiscuz
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-25 | CVE-2024-9488 | Unspecified vulnerability in Gvectors Wpdiscuz The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24. | 9.8 |
2024-06-08 | CVE-2024-35681 | Unspecified vulnerability in Gvectors Wpdiscuz Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18. | 5.4 |
2024-02-01 | CVE-2023-51691 | Unspecified vulnerability in Gvectors Wpdiscuz Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from n/a through 7.6.12. | 4.8 |
2023-12-20 | CVE-2023-46311 | Unspecified vulnerability in Gvectors Wpdiscuz Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3. | 6.5 |
2023-11-22 | CVE-2023-47775 | Unspecified vulnerability in Gvectors Wpdiscuz Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions. | 8.8 |
2023-11-06 | CVE-2023-47185 | Unspecified vulnerability in Gvectors Wpdiscuz Unauth. | 6.1 |
2023-10-20 | CVE-2023-3869 | Missing Authorization vulnerability in Gvectors Wpdiscuz The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the voteOnComment function in versions up to, and including, 7.6.3. | 5.3 |
2023-10-20 | CVE-2023-3998 | Missing Authorization vulnerability in Gvectors Wpdiscuz The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the userRate function in versions up to, and including, 7.6.3. | 5.3 |
2022-11-18 | CVE-2022-43492 | Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpdiscuz 7.4.2 Auth. | 8.8 |
2022-02-21 | CVE-2022-23984 | Information Exposure vulnerability in Gvectors Wpdiscuz Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11). | 7.5 |