All 6 CVE vulnerabilities found in AnyComment, with AI-generated Chinese analysis, references, and POCs.
Vendor: Unknown
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62874 | WordPress AnyComment plugin <= 0.3.6 - Broken Access Control vulnerability CWE-862 | 4.3 | Medium | 2025-12-31 |
| CVE-2025-60240 | WordPress AnyComment plugin <= 0.3.6 - Local File Inclusion vulnerability CWE-98 | 8.1 | - | 2025-11-06 |
| CVE-2025-48091 | WordPress AnyComment plugin <= 0.3.6 - SQL Injection vulnerability CWE-89 | 8.5 | High | 2025-10-22 |
| CVE-2022-0279 | AnyComment < 0.2.18 - Comment Rating Increase/Decrease via Race Condition CWE-362 | 3.1 | - | 2022-02-21 |
| CVE-2022-0134 | AnyComment < 0.2.18 - Arbitrary HyperComments Import/Revert via CSRF CWE-352 | 8.8 | - | 2022-02-21 |
| CVE-2021-24838 | AnyComment < 0.3.5 - Open Redirect CWE-601 | 6.1 | - | 2022-01-17 |
All 6 known CVE vulnerabilities affecting AnyComment with full Chinese analysis, references, and POCs where available.