gVectors Team wpdiscuz v7.6.12 - 3 CVEs

CVE-2023-51691

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team Comments – wpDiscuz allows Stored XSS.This issue affects Comments – wpDiscuz: from n/a through 7.6.12.

MEDIUM CVSS 5.9 Published Feb 01, 2024

CVE-2023-47775

Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.

MEDIUM CVSS 4.3 Published Nov 22, 2023

CVE-2023-47185

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.

UNKNOWN Published Nov 06, 2023

Version 7.6.12

Known Vulnerabilities

CVE-2023-51691

CVE-2023-47775

CVE-2023-47185