Vulnerabilities and security researches forsubscribe-to-comments-reloaded

CVE, Research URL: CVE-2022-29414
Home page URL: Security reports for Subscribe To Comments Reloaded
Application: Subscribe To Comments Reloaded
Date: Apr 29, 2022
Research Description: Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin <= 211130 on WordPress allows attackers to clean up Log archive, download system info file, plugin system settings, plugin options settings, generate a new key, reset all options, change notifications settings, management page settings, comment form settings, manage subscriptions > mass update settings, manage subscriptions > add a new subscription, update subscription, delete Subscription.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-31249
Home page URL: Security reports for Subscribe To Comments Reloaded
Application: Subscribe To Comments Reloaded
Date: Apr 10, 2024
Research Description: Insertion of Sensitive Information into Log File vulnerability in WPKube Subscribe To Comments Reloaded.This issue affects Subscribe To Comments Reloaded: from n/a through 220725.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2014-2274
Home page URL: Security reports for Subscribe To Comments Reloaded
Application: Subscribe To Comments Reloaded
Date: Mar 20, 2018
Research Description: Cross-site request forgery (CSRF) vulnerability in the Subscribe To Comments Reloaded plugin before 140219 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via a request to the subscribe-to-comments-reloaded/options/index.php page to wp-admin/admin.php.
Affected versions: Min -, max -.
Status: vulnerable

Vulnerabilities and security researches forsubscribe-to-comments-reloaded subscribe-to-comments-reloaded