Featured Comments
by Featured Comments Plugin Project
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-10382 | Med | 0.28 | 4.3 | 0.01 | Aug 22, 2019 | The feature-comments plugin before 1.2.5 for WordPress has CSRF for featuring or burying a comment. | ||
| CVE-2014-4163 | 0.03 | — | 0.02 | Jun 16, 2014 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the (1) buried or (2) featured status of a comment via a request to… |
- risk 0.28cvss 4.3epss 0.01
The feature-comments plugin before 1.2.5 for WordPress has CSRF for featuring or burying a comment.
- CVE-2014-4163Jun 16, 2014risk 0.03cvss —epss 0.02
Multiple cross-site request forgery (CSRF) vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the (1) buried or (2) featured status of a comment via a request to…