cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches fordisable-comments disable-comments

Direction: ascending
Jun 07, 2024

Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] # CVE-2014-2550

CVE, Research URL

CVE-2014-2550

Date
Mar 20, 2018
Research Description
Cross-site request forgery (CSRF) vulnerability in the Disable Comments plugin before 1.0.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that enable comments via a request to the disable_comments_settings page to wp-admin/options-general.php.
Affected versions
Min -, max -.
Status
vulnerable
Mar 12, 2025

Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] # PSC-2025-64560

PSC, Research URL

PSC-2025-64560

Date
-
Research Description
Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] is a powerful plugin designed to give WordPress site owners complete control over comment functionality. By allowing users to globally enable or disable comments on posts, pages, and media, this plugin is an effective tool to prevent spam and unwanted discussions. It provides seamless integration with WP-CLI, XML-RPC, and REST-API, ensuring a streamlined approach to managing comments. This plugin enhances website security by eliminating potential spam injection points and preventing unauthorized comment-based interactions. It has successfully undergone rigorous security testing and has received the prestigious Plugin Security Certification (PSC-2025-64560) from CleanTalk, ensuring robust protection against spam-related vulnerabilities.
Affected versions
Min -, max -.
Status
SAFE & CERTIFIED