[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fVp_TSfH3AKcXTGHUKmwR3m13phSRUYWIP6T0wi1tKrk":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2024-6704","comments-wpdiscuz-unauthenticated-html-injection","Comments – wpDiscuz \u003C= 7.6.21 - Unauthenticated HTML Injection","The Comments – wpDiscuz plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 7.6.21. This is due to a lack of filtering of HTML tags in comments. This makes it possible for unauthenticated attackers to add HTML such as hyperlinks to comments when rich editing is disabled.","wpdiscuz",null,"\u003C=7.6.21","7.6.22","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-08-01 00:00:00","2024-08-02 10:59:33",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffa3501a4-7975-4f90-8037-f8a06c293c07?source=api-prod",1]