wpDiscuz
AdvancedCoding
Developer
7.6.49
Latest version
80,000
Installations
No date
Last updated
Vulnerability history
0 present
25 patched
8 Mitigation rules
- WordPress Comments - wpDiscuz plugin < 7.6.40 - Unauthenticated Account Takeover vulnerability< 7.6.4001/01/2026
- Insecure Direct Object References (IDOR) vulnerability<= 7.6.4325/12/2025
- Broken Access Control Vulnerability<= 7.6.3322/09/2025
- Authentication Bypass vulnerability<= 7.6.2424/10/2024
- Unauthenticated HTML Injection vulnerability<= 7.6.2102/08/2024
- Cross Site Scripting (XSS) vulnerability<= 7.6.1806/06/2024
- Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Image Alternative Text vulnerability<= 7.6.1523/04/2024
- Cross Site Scripting (XSS) vulnerability<= 7.6.1227/12/2023
- Cross Site Request Forgery (CSRF) vulnerability<= 7.6.1114/11/2023
- Cross Site Scripting (XSS) vulnerability<= 7.6.1102/11/2023
- Insecure Direct Object References (IDOR) vulnerability<= 7.6.322/10/2023
- Content Injection vulnerability<= 7.6.1022/10/2023
- Broken Access Control vulnerability<= 7.6.1022/10/2023
- Broken Access Control vulnerability<= 7.6.312/10/2023
- Unauthenticated SQL Injection vulnerability< 7.6.619/09/2023
- Insecure Direct Object Reference to Comment Rating Increase/Decrease vulnerability<= 7.6.314/09/2023
- Insecure Direct Object Reference to Post Rating Increase/Decrease vulnerability<= 7.6.314/09/2023
- Insecure Direct Object References (IDOR) vulnerability7.4.228/10/2022
- Sensitive Information Disclosure<= 7.3.1110/02/2022
- Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Comment Addition/Edition/Deletion<= 7.3.311/10/2021
- Stored Cross-Site Scripting (XSS) vulnerability<= 7.3.113/09/2021
- Unauthenticated Arbitrary File Upload vulnerability<= 7.0.428/07/2020
- Unauthenticated SQL Injection (SQLi) vulnerability<= 5.3.512/06/2020
- Cross-Site Request Forgery (CSRF) Vulnerability<= 3.2.820/06/2017
- Reflected Cross Site Scripting (XSS)<= 3.1.430/05/2016