cleantalk
Vulnerabilities and Security Researches

AnyComment, CVE-2022-0134

CVE, Research URL

CVE-2022-0134

Home page URL

Security reports for AnyComment

Application

AnyComment

Published on
Feb 21, 2022
Research Description
The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attack
Affected versions
max 0.2.18.
Status
vulnerable
Previous vulnerability researches
AnyComment (CVE-2021-24838) , Jun 07, 2024
AnyComment (CVE-2022-0279) , Jun 07, 2024
AnyComment (CVE-2018-21001) , Jun 07, 2024
AnyComment (CVE-2022-0134) , Jun 07, 2024
AnyComment (CVE-2025-60240) , Nov 10, 2025
New vulnerability
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer (CVE-2025-62048) , Nov 11, 2025
Team Member Showcase Staff List Plugin – Employee Spotlight (CVE-2025-12090) , Nov 11, 2025
WPeMatico RSS Feed Fetcher (CVE-2025-49922) , Nov 11, 2025
Cost Calculator Builder (CVE-2025-9243) , Nov 11, 2025
Off-Canvas Sidebars & Menus (Slidebars) (CVE-2025-62891) , Nov 11, 2025