An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. CSRF affects comment integrity.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NVerbb Comments
APPVerbb< 1.5.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2020-13869MEDIUM5.4ten sam produkt
An issue was discovered in the Comments plugin before 1.5.6 for Craft CMS. There is stored XSS via a guest nam...
CVE-2020-13870MEDIUM5.4ten sam produkt
An issue was discovered in the Comments plugin before 1.5.5 for Craft CMS. There is stored XSS via an asset vo...
CVE-2020-13485CRITICAL9.1ten sam vendor
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP heade...
CVE-2020-13458HIGH8.8ten sam vendor
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the...
CVE-2025-32426MEDIUM4.6ten sam vendor
Formie is a Craft CMS plugin for creating forms. Prior to version 2.1.44, it is possible to inject malicious c...