VYPR

Stop Comment Spam

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-23826HigJan 16, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pedjas Stop Comment Spam stop-comment-spam allows Stored XSS.This issue affects Stop Comment Spam: from n/a through <= 0.5.3.

  • CVE-2022-1663MedAug 29, 2022
    risk 0.42cvss 6.5epss 0.01

    The Stop Spam Comments WordPress plugin through 0.2.1.2 does not properly generate the Javascript access token for preventing abuse of comment section, allowing threat authors to easily collect the value and add it to the request.

  • CVE-2026-3353MedMar 21, 2026
    risk 0.29cvss 4.4epss 0.00

    The Comment SPAM Wiper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'API Key' setting in all versions up to, and including, 1.2.1. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,…