WordPress Plugin Vulnerabilities

Disqus Comment System <= 2.68 - Reflected Cross-Site Scripting (XSS)

Description

The Disqus Comment System WordPress plugin was affected by a Reflected Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
disqus-comment-system
Fixed in 2.69

References

URL
https://web.archive.org/web/20120214134353/http://www.ethicalhack3r.co.uk/security/wordpress-plugin-disqus-comment-system-xss/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher
Ryan Dewhurst - ethicalhack3r
Verified
No
WPVDB ID
4146cdd7-b25a-4f1e-ad95-697b790466c5

Timeline

Publicly Published
2011-12-11 (about 12 years ago)
Added
2014-08-01 (about 9 years ago)
Last Updated
2021-01-22 (about 3 years ago)

Other

Published
Title
Published
2021-12-20
Title
Contest Gallery < 14.0.0 - Author+ Stored Cross-Site Scripting
Published
2009-07-29
Title
Google Analyticator < 5.2.1 - XSS
Published
2023-12-26
Title
weForms – Easy Drag & Drop Contact Form Builder For WordPress < 1.6.18 - Authenticated (Admin+) Stored Cross-Site Scripting
Published
2023-06-26
Title
Direct checkout, Add to cart redirect for Woocommerce < 2.1.49 - Admin+ Stored XSS
Published
2023-06-16
Title
Seed Fonts 2.3.1 - Admin+ Stored XSS