cleantalk
Vulnerabilities and Security Researches

AnyComment, CVE-2025-48091

CVE, Research URL

CVE-2025-48091

Home page URL

Security reports for AnyComment

Application

AnyComment

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alexander AnyComment anycomment allows SQL Injection.This issue affects AnyComment: from n/a through <= 0.3.6.
Affected versions
max 0.3.6.
Status
vulnerable
Previous vulnerability researches
AnyComment (CVE-2021-24838) , Jun 07, 2024
AnyComment (CVE-2022-0279) , Jun 07, 2024
AnyComment (CVE-2018-21001) , Jun 07, 2024
AnyComment (CVE-2022-0134) , Jun 07, 2024
AnyComment (CVE-2025-60240) , Nov 10, 2025
New vulnerability
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer (CVE-2025-62048) , Nov 11, 2025
Team Member Showcase Staff List Plugin &#8211; Employee Spotlight (CVE-2025-12090) , Nov 11, 2025
WPeMatico RSS Feed Fetcher (CVE-2025-49922) , Nov 11, 2025
Cost Calculator Builder (CVE-2025-9243) , Nov 11, 2025
Off-Canvas Sidebars &amp; Menus (Slidebars) (CVE-2025-62891) , Nov 11, 2025