Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3
Critical0
High1
Medium1
Reset
Showing 1-3 of 3 records
Threat Entry Updated 2024-11-21

CVE-2022-0134 - Anycomment Plugin

The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attack

PLUGIN Anycomment

CVE-2022-0134

HIGH CVSS 8.8 2022-02-21
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2022-0279 - Anycomment Plugin

The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users

PLUGIN Anycomment

CVE-2022-0279

LOW CVSS 3.1 2022-02-21
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2021-24838 - Anycomment Plugin

The AnyComment WordPress plugin before 0.3.5 has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Redirect issue, which according to the vendor, is a feature.

PLUGIN Anycomment

CVE-2021-24838

MEDIUM CVSS 6.1 2022-01-17
Open Full Technical Breakdown
Scroll to top