Advancedcoding Comments – Wpdiscuz
6 CVEs affecting Advancedcoding Comments – Wpdiscuz. Latest disclosed: 2026-07-03. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-9488 | Critical | 9.8 | 2024-10-25 | The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24. This is due to insufficient v… |
CVE-2026-9148 | High | 7.2 | 2026-07-03 | The Comments – wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the guest commenter 'Website' field in versions up to, and includ… |
CVE-2024-2477 | Medium | 6.4 | 2024-04-23 | The wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of an uploaded image in all versions up to, and… |
CVE-2024-6704 | Medium | 5.3 | 2024-08-02 | The Comments – wpDiscuz plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 7.6.21. This is due to a lack of filtering o… |
CVE-2023-3998 | Medium | 5.3 | 2023-10-20 | The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the userRate function in versions… |
CVE-2023-3869 | Medium | 5.3 | 2023-10-20 | The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the voteOnComment function in vers… |