Skip to main content

Disqus Comment System

3 CVEs product

Monthly

CVE-2014-5347 MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin before 2.76 for WordPress allow remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

XSS CSRF WordPress PHP Disqus Comment System
NVD Exploit-DB GitHub
CVSS 2.0
6.8
EPSS
3.0%
CVE-2014-5346 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin 2.77 for WordPress allow remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF WordPress PHP Disqus Comment System
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.2%
CVE-2014-5345 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus Comment System plugin before 2.76 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP Disqus Comment System
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
2.3%
EPSS 3% CVSS 6.8
MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin before 2.76 for WordPress allow remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

XSS CSRF WordPress +2
NVD Exploit-DB GitHub
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin 2.77 for WordPress allow remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF WordPress PHP +1
NVD Exploit-DB
EPSS 2% CVSS 4.3
MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus Comment System plugin before 2.76 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy