VYPR

Wp Recentcomments

by WordPress

Source repositories

CVEs (3)

  • CVE-2023-23886MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.01

    Missing Authorization vulnerability in mg12 WP-RecentComments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-RecentComments: from n/a through 2.2.7.

  • CVE-2012-1068Feb 14, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging.

  • CVE-2012-1067Feb 14, 2012
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained…