Approved changes feed: RSS · Atom

cpe:2.3:a:wpkube:subscribe_to_comments_reloaded:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorWpkube (f4241446-089f-5ffb-84a4-260b1a556496)
ProductSubscribe To Comments Reloaded (49b015c9-f878-5223-be91-19dd3a9c0b91)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/wp-plugins/subscribe-to-comments-reloaded purl2cpe 2026-06-01 10:16:27.325326
pkg:github/wpplugins/subscribe-to-comments-reloaded purl2cpe 2026-06-01 10:16:27.325329

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-4409 vulnerable 2026-06-08 08:05:13.330318 Subscribe To Comments Reloaded <= 240119 - Improper Authorization to Unauthenticated Arbitrary Subscription Management
MEDIUM (6.5)
The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up to, and including, 240119. This makes it possible for unauthenticated attackers to extract the global key from any public post page, forge authorization keys and manage comment subscription preferences for arbitrary users
Published: 2026-05-05T02:26:55.996Z
Updated: 2026-05-05T15:34:57.256Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-31249 vulnerable 2026-06-08 06:35:31.172807 WordPress Subscribe To Comments Reloaded plugin <= 220725 - Sensitive Data Exposure vulnerability
MEDIUM (5.3)
Insertion of Sensitive Information into Log File vulnerability in WPKube Subscribe To Comments Reloaded.This issue affects Subscribe To Comments Reloaded: from n/a through 220725.
Published: 2024-04-10T15:48:21.043Z
Updated: 2026-04-28T16:09:29.030Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.