CVE ID :CVE-2026-22202 Published : March 13, 2026, 6:19 a.m. | 1 hour, 58 minutes ago Description :wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers to delete all comments associated with an email address by crafting a malicious GET request with a valid HMAC key. Attackers can embed the deletecomments action URL in image tags or other resources to trigger permanent deletion of comments without user confirmation or POST-based CSRF protection. Severity: 8.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...