Vulnerabilities > Gvectors > Wpdiscuz > 2.2.9

DATE CVE VULNERABILITY TITLE RISK
2025-01-02 CVE-2023-45760 Missing Authorization vulnerability in Gvectors Wpdiscuz
Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.3.
network
low complexity
gvectors CWE-862
8.8
8.8
2025-01-02 CVE-2023-46309 Missing Authorization vulnerability in Gvectors Wpdiscuz
Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.10.
network
low complexity
gvectors CWE-862
7.3
7.3
2024-10-25 CVE-2024-9488 Unspecified vulnerability in Gvectors Wpdiscuz
The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24.
network
low complexity
gvectors
critical
 9.8
9.8
2024-08-02 CVE-2024-6704 Unspecified vulnerability in Gvectors Wpdiscuz
The Comments – wpDiscuz plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 7.6.21.
network
low complexity
gvectors
6.1
6.1
2024-06-08 CVE-2024-35681 Unspecified vulnerability in Gvectors Wpdiscuz
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18.
network
low complexity
gvectors
5.4
5.4
2024-06-04 CVE-2023-46310 Cross-site Scripting vulnerability in Gvectors Wpdiscuz
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This issue affects wpDiscuz: from n/a through 7.6.10.
network
low complexity
gvectors CWE-79
6.1
6.1
2024-04-23 CVE-2024-2477 Cross-site Scripting vulnerability in Gvectors Wpdiscuz
The wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of an uploaded image in all versions up to, and including, 7.6.15 due to insufficient input sanitization and output escaping.
network
low complexity
gvectors CWE-79
5.4
5.4
2024-02-01 CVE-2023-51691 Unspecified vulnerability in Gvectors Wpdiscuz
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from n/a through 7.6.12.
network
low complexity
gvectors
4.8
4.8
2023-12-20 CVE-2023-46311 Unspecified vulnerability in Gvectors Wpdiscuz
Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3.
network
low complexity
gvectors
6.5
6.5
2023-11-22 CVE-2023-47775 Unspecified vulnerability in Gvectors Wpdiscuz
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.
network
low complexity
gvectors
8.8
8.8