Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbpress bbpress vulnerabilities and exploits
(subscribe to this query)
318
VMScore
CVE-2020-13487
The bbPress plugin up to and including 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?a...
Bbpress Bbpress
668
VMScore
CVE-2020-13693
An unauthenticated privilege-escalation issue exists in the bbPress plugin prior to 2.6.5 for WordPress when New User Registration is enabled.
Bbpress Bbpress
383
VMScore
CVE-2011-1150
bbPress up to and including 1.0.2 has XSS in /bb-login.php url via the re parameter.
Bbpress Bbpress
435
VMScore
CVE-2007-3243
Cross-site scripting (XSS) vulnerability in bb-login.php in bbPress 0.8.1 allows remote malicious users to inject arbitrary web script or HTML via the re parameter. NOTE: exploitation may require forcing the client to send a certain Referer header.
Bbpress Bbpress 0.8.1
1 EDB exploit
668
VMScore
CVE-2007-3244
SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress prior to 0.8.1 might allow remote malicious users to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug.&q...
Bbpress Bbpress 0.8
445
VMScore
CVE-2011-3710
bbPress 1.0.2 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files.
Bbpress Bbpress 1.0.2
605
VMScore
CVE-2018-21006
The bbp-move-topics plugin prior to 1.1.6 for WordPress has CSRF.
Bbpress Move Topics Project Bbpress Move Topics
668
VMScore
CVE-2018-21005
The bbp-move-topics plugin prior to 1.1.6 for WordPress has code injection.
Bbpress Move Topics Project Bbpress Move Topics
NA
CVE-2023-24403
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP For The Win bbPress Voting plugin <= 2.1.11.0 versions.
Wpforthewin Bbpress Voting
NA
CVE-2023-34031
Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions.
Casier Bbpress Toolkit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »