Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbpress bbpress vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2011-1150
bbPress up to and including 1.0.2 has XSS in /bb-login.php url via the re parameter.
Bbpress Bbpress
668
VMScore
CVE-2020-13693
An unauthenticated privilege-escalation issue exists in the bbPress plugin prior to 2.6.5 for WordPress when New User Registration is enabled.
Bbpress Bbpress
318
VMScore
CVE-2020-13487
The bbPress plugin up to and including 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?a...
Bbpress Bbpress
445
VMScore
CVE-2011-3710
bbPress 1.0.2 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files.
Bbpress Bbpress 1.0.2
668
VMScore
CVE-2007-3244
SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress prior to 0.8.1 might allow remote malicious users to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug.&q...
Bbpress Bbpress 0.8
435
VMScore
CVE-2007-3243
Cross-site scripting (XSS) vulnerability in bb-login.php in bbPress 0.8.1 allows remote malicious users to inject arbitrary web script or HTML via the re parameter. NOTE: exploitation may require forcing the client to send a certain Referer header.
Bbpress Bbpress 0.8.1
1 EDB exploit
668
VMScore
CVE-2018-21005
The bbp-move-topics plugin prior to 1.1.6 for WordPress has code injection.
Bbpress Move Topics Project Bbpress Move Topics
605
VMScore
CVE-2018-21006
The bbp-move-topics plugin prior to 1.1.6 for WordPress has CSRF.
Bbpress Move Topics Project Bbpress Move Topics
NA
CVE-2023-34031
Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions.
Casier Bbpress Toolkit
NA
CVE-2023-34032
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions.
Casier Bbpress Toolkit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »