cleantalk
Vulnerabilities and Security Researches

AnyComment, CVE-2025-48091

CVE, Research URL

CVE-2025-48091

Home page URL

Security reports for AnyComment

Application

AnyComment

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alexander AnyComment anycomment allows SQL Injection.This issue affects AnyComment: from n/a through <= 0.3.6.
Affected versions
max 0.3.6.
Status
vulnerable
Previous vulnerability researches
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2021-24713) , Jun 06, 2024
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2024-11202) , Nov 27, 2024
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2025-24758) , Feb 16, 2025
New vulnerability
Event post (CVE-2025-62042) , Nov 10, 2025
Rock Convert (CVE-2025-62911) , Nov 10, 2025
Wp tabber widget (CVE-2025-10730) , Nov 10, 2025
Flex QR Code Generator (CVE-2025-10041) , Nov 10, 2025
DominoKit (CVE-2025-12350) , Nov 10, 2025