Filtered by vendor Gvectors
Subscribe
Total
70 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-22209 | 1 Gvectors | 1 Wpdiscuz | 2026-03-26 | N/A | 5.5 MEDIUM |
| wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability in the customCss field that allows administrators to inject malicious scripts by breaking out of style tags. Attackers with admin access can inject payloads like </style><script>alert(1)</script> in the custom CSS setting to execute arbitrary JavaScript in user browsers. | |||||
| CVE-2026-22191 | 1 Gvectors | 1 Wpdiscuz | 2026-03-23 | N/A | 6.5 MEDIUM |
| wpDiscuz before 7.6.47 contains a shortcode injection vulnerability that allows attackers to execute arbitrary shortcodes by including them in comment content sent via email notifications. Attackers can inject shortcodes like [contact-form-7] or [user_meta] in comments, which are executed server-side when the WpdiscuzHelperEmail class processes notifications through do_shortcode() before wp_mail(). | |||||
| CVE-2026-22183 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 6.1 MEDIUM |
| wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability in the inline comment preview functionality that allows authenticated users to inject malicious scripts by submitting comments with unescaped content. Attackers with unfiltered_html capabilities can inject JavaScript directly through comment content rendered in the AJAX response from the getLastInlineComments() function in class.WpdiscuzHelperAjax.php without proper HTML escaping. | |||||
| CVE-2026-22192 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 6.1 MEDIUM |
| wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by importing a crafted options file with unescaped customCss field values. Attackers can supply a malicious JSON import file containing script payloads in the customCss parameter that execute on every page when rendered through the options handler without proper sanitization. | |||||
| CVE-2026-22193 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 8.1 HIGH |
| wpDiscuz before 7.6.47 contains an SQL injection vulnerability in the getAllSubscriptions() function where string parameters lack proper quote escaping in SQL queries. Attackers can inject malicious SQL code through email, activation_key, subscription_date, and imported_from parameters to manipulate database queries and extract sensitive information. | |||||
| CVE-2026-22199 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 5.3 MEDIUM |
| wpDiscuz before 7.6.47 contains a vote manipulation vulnerability that allows attackers to manipulate comment votes by obtaining fresh nonces and bypassing rate limiting through client-controlled headers. Attackers can vary User-Agent headers to reset rate limits, request nonces from the unauthenticated wpdGetNonce endpoint, and vote multiple times using IP rotation or reverse proxy header manipulation. | |||||
| CVE-2026-22201 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 5.3 MEDIUM |
| wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP() function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTP_CLIENT_IP or HTTP_X_FORWARDED_FOR headers to spoof their IP address and circumvent security controls. | |||||
| CVE-2026-22202 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 8.1 HIGH |
| wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers to delete all comments associated with an email address by crafting a malicious GET request with a valid HMAC key. Attackers can embed the deletecomments action URL in image tags or other resources to trigger permanent deletion of comments without user confirmation or POST-based CSRF protection. | |||||
| CVE-2026-22203 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 4.9 MEDIUM |
| wpDiscuz before 7.6.47 contains an information disclosure vulnerability that allows administrators to inadvertently expose OAuth secrets by exporting plugin options as JSON. Attackers can obtain exported files containing plaintext API secrets like fbAppSecret, googleClientSecret, twitterAppSecret, and other social login credentials from support tickets, backups, or version control repositories. | |||||
| CVE-2026-22182 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 7.5 HIGH |
| wpDiscuz before 7.6.47 contains an unauthenticated denial of service vulnerability that allows anonymous users to trigger mass notification emails by exploiting the checkNotificationType() function. Attackers can repeatedly call the wpdiscuz-ajax.php endpoint with arbitrary postId and comment_id parameters to flood subscribers with notifications, as the handler lacks nonce verification, authentication checks, and rate limiting. | |||||
| CVE-2026-22204 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 3.7 LOW |
| wpDiscuz before 7.6.47 contains an email header injection vulnerability that allows attackers to manipulate mail recipients by injecting malicious data into the comment_author_email cookie. Attackers can craft a malicious cookie value that, when processed through urldecode() and passed to wp_mail() functions, enables header injection to alter email recipients or inject additional headers. | |||||
| CVE-2026-22210 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 4.4 MEDIUM |
| wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability that allows attackers to inject malicious code through unescaped attachment URLs in HTML output by exploiting the WpdiscuzHelperUpload class. Attackers can craft malicious attachment records or filter hooks to inject arbitrary JavaScript into img and anchor tag attributes, executing code in the context of WordPress users viewing comments. | |||||
| CVE-2026-22215 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 4.3 MEDIUM |
| wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability in the getFollowsPage() function that allows attackers to trigger unauthorized actions without nonce validation. Attackers can craft malicious requests to enumerate follow relationships and manipulate user follow data by exploiting the missing CSRF protection in the follows page handler. | |||||
| CVE-2026-22216 | 1 Gvectors | 1 Wpdiscuz | 2026-03-17 | N/A | 6.5 MEDIUM |
| wpDiscuz before 7.6.47 contains a missing rate limiting vulnerability that allows unauthenticated attackers to subscribe arbitrary email addresses to post notifications by sending POST requests to the wpdAddSubscription handler in class.WpdiscuzHelperAjax.php. Attackers can exploit LIKE wildcard characters in the subscription query to match multiple email addresses and generate unwanted notification emails to victim accounts. | |||||
| CVE-2026-28554 | 1 Gvectors | 1 Wpforo Forum | 2026-03-05 | N/A | 4.3 MEDIUM |
| wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to approve or unapprove any forum post via the wpforo_approve_ajax AJAX handler. Attackers exploit the nonce-only check by submitting a valid nonce with an arbitrary post ID to bypass moderation controls entirely. | |||||
| CVE-2026-28561 | 1 Gvectors | 1 Wpforo Forum | 2026-03-05 | N/A | 5.5 MEDIUM |
| wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows administrators to inject persistent JavaScript via forum description fields echoed without output escaping across multiple theme template files. On multisite installations or with a compromised admin account, attackers set a forum description containing HTML event handlers that execute when any user views the forum listing. | |||||
| CVE-2026-28562 | 1 Gvectors | 1 Wpforo Forum | 2026-03-05 | N/A | 8.2 HIGH |
| wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payloads to perform blind boolean extraction of credentials from the WordPress database. | |||||
| CVE-2026-28555 | 1 Gvectors | 1 Wpforo Forum | 2026-03-04 | N/A | 4.3 MEDIUM |
| wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to close or reopen any forum topic via the wpforo_close_ajax handler. Attackers submit a valid nonce with an arbitrary topic ID to bypass the moderator permission requirement and disrupt forum discussions. | |||||
| CVE-2026-28556 | 1 Gvectors | 1 Wpforo Forum | 2026-03-04 | N/A | 5.4 MEDIUM |
| wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to move, merge, or split any forum topic via the topic_move, topic_merge, and topic_split form action handlers. Attackers with a valid form nonce can reorganize arbitrary forum content without moderator permissions, including relocating topics to private forums. | |||||
| CVE-2026-28557 | 1 Gvectors | 1 Wpforo Forum | 2026-03-04 | N/A | 6.5 MEDIUM |
| wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforo_synch_roles AJAX handler. Attackers access the usergroups admin page, accessible to any authenticated user, to obtain a nonce, then remap all wpForo usergroups to arbitrary WordPress roles. | |||||