Siteheart Hypercomments vulnerabilities
2 known vulnerabilities affecting siteheart/hypercomments.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2025-5701P2HIGHCVSS 8.8PoC≤ 1.2.22025-06-05
CVE-2025-5701 [HIGH] CWE-862 CVE-2025-5701: The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can l
The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hc_request_handler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can
nvd
CVE-2025-23509P4HIGHCVSS 7.1≤ 0.9.62025-01-22
CVE-2025-23509 [HIGH] CWE-79 CVE-2025-23509: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in siteheart HyperComments comments-with-hypercommentscom allows Reflected XSS.This issue affects HyperComments: from n/a through <= 0.9.6.
nvd