Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Vulnerabilities found in Disqus plugin for WordPress

Vulnerabilities found in Disqus plugin for WordPress


Securityweek - (International) A researcher identified and reported three vulnerabilities in the Disqus plugin for WordPress, including a cross-site request forgery (CSRF) issue that could allow an attacker to inject an exploit. The vulnerabilities were addressed June 29 in Disqus version 2.7.6, and a new version containing additional fixes was also released as version 2.7.7.


Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at:

Last Updated: 27 May 2016 10:21:23