The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attackCreditsBrandon RoldanReferenceshttps://wpscan.com/vulnerability/fa09ea9b-d5a0-4773-a692-9ff0200bcd85
