Vulnerabilities and security researches fordisable-comments disable-comments

Jun 07, 2024

CVE, Research URL: CVE-2014-2550
Home page URL: Security reports for Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]
Application: Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]
Date: Mar 20, 2018
Research Description: Cross-site request forgery (CSRF) vulnerability in the Disable Comments plugin before 1.0.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that enable comments via a request to the disable_comments_settings page to wp-admin/options-general.php.
Affected versions: Min -, max -.
Status: vulnerable

Mar 12, 2025

PSC, Research URL: PSC-2025-64560
Home page URL: Security reports for Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]
Application: Disable Comments – Remove Comments & Stop Spam [Multi-Site Support]
Date: -
Research Description: Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] is a powerful plugin designed to give WordPress site owners complete control over comment functionality. By allowing users to globally enable or disable comments on posts, pages, and media, this plugin is an effective tool to prevent spam and unwanted discussions. It provides seamless integration with WP-CLI, XML-RPC, and REST-API, ensuring a streamlined approach to managing comments. This plugin enhances website security by eliminating potential spam injection points and preventing unauthorized comment-based interactions. It has successfully undergone rigorous security testing and has received the prestigious Plugin Security Certification (PSC-2025-64560) from CleanTalk, ensuring robust protection against spam-related vulnerabilities.
Affected versions: Min -, max -.
Status: SAFE & CERTIFIED