Every CVE whose affected-product data names Bologer Anycomment, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-0134 — CVSS 8.8 (high): The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers…
CVE-2021-24838 — CVSS 6.1 (medium): The AnyComment WordPress plugin before 0.3.5 has an API endpoint which passes user input via the redirect parameter to the wp_redirect()…
CVE-2022-0279 — CVSS 3.1 (low): The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any…