cleantalk
Vulnerabilities and Security Researches

Subscribe To Comments Reloaded, CVE-2022-29414

CVE, Research URL

CVE-2022-29414

Home page URL

Security reports for Subscribe To Comments Reloaded

Application

Subscribe To Comments Reloaded

Published on
Apr 29, 2022
Research Description
Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WPKube's Subscribe To Comments Reloaded plugin <= 211130 on WordPress allows attackers to clean up Log archive, download system info file, plugin system settings, plugin options settings, generate a new key, reset all options, change notifications settings, management page settings, comment form settings, manage subscriptions > mass update settings, manage subscriptions > add a new subscription, update subscription, delete Subscription.
Affected versions
Min -, max 150820.
Status
vulnerable
Previous vulnerability researches
Subscribe To Comments Reloaded (CVE-2022-29414) , Jun 07, 2024
Subscribe To Comments Reloaded (CVE-2024-31249) , Jun 07, 2024
Subscribe To Comments Reloaded (CVE-2014-2274) , Jun 07, 2024
Subscribe to Comments (CVE-2024-8792) , Oct 31, 2024
Subscribe to Comments (f69cd55925560294fe3e43bb5ca85d72219309c8) , Jun 07, 2024
New vulnerability
Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2025-7696) , Jul 21, 2025
Temporarily Hidden Content (CVE-2025-7658) , Jul 21, 2025
Testimonial Post type (CVE-2025-5800) , Jul 21, 2025
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-7369) , Jul 21, 2025
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-7354) , Jul 21, 2025