WordPress Plugin Vulnerabilities

Anycomment < 0.0.33 - XSS

Description

The AnyComment WordPress plugin was affected by a XSS security vulnerability.

Affects Plugins

Plugin icon
anycomment
Fixed in 0.0.33

References

CVE
CVE-2018-21001

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
6e318aea-a677-4d0b-9cf6-94ae2034e607

Timeline

Publicly Published
2018-07-16 (about 7 years ago)
Added
2019-08-27 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-03-27
Title
OK Poster Group <= 1.1 - Reflected Cross-Site Scripting
Published
2023-08-17
Title
RSVPMarker < 10.6.7 - Unauthenticated Stored XSS
Published
2024-03-27
Title
WP Staging (Free < 3.4.0, Pro < 5.4.0) - Admin+ Stored XSS
Published
2023-01-18
Title
GigPress < 2.3.28 - Contributor+ Stored XSS via Shortcode
Published
2022-06-06
Title
miniOrange's Google Authenticator < 5.5.6 - Admin+ Stored Cross-Site Scripting