CVE-2015-10133
- EPSS 36.53%
- Veröffentlicht 19.07.2025 09:23:53
- Zuletzt bearbeitet 23.12.2025 15:58:31
The Subscribe to Comments for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.1.2 via the Path to header value. This allows authenticated attackers, with administrative privileges and above, to include and execute ...
CVE-2024-8792
- EPSS 1.73%
- Veröffentlicht 30.10.2024 03:15:04
- Zuletzt bearbeitet 06.11.2024 14:51:34
The Subscribe to Comments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.3. This makes it possible for unauthenticat...
CVE-2006-10001
- EPSS 0.42%
- Veröffentlicht 05.03.2023 21:15:09
- Zuletzt bearbeitet 21.11.2024 00:07:49
A vulnerability, which was classified as problematic, was found in Subscribe to Comments Plugin up to 2.0.7 on WordPress. This affects an unknown part of the file subscribe-to-comments.php. The manipulation leads to cross site scripting. It is possib...