Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbpress bbpress vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-24403
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP For The Win bbPress Voting plugin <= 2.1.11.0 versions.
Wpforthewin Bbpress Voting
4.3
CVSSv2
CVE-2015-5481
Cross-site scripting (XSS) vulnerability in forms/panels.php in the GD bbPress Attachments plugin prior to 2.3 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the tab parameter in the gdbbpress_attachments page to wp-admin/edit.php.
Dev4press Gd Bbpress Attachments
4
CVSSv2
CVE-2015-5482
Directory traversal vulnerability in the GD bbPress Attachments plugin prior to 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the tab parameter in the gdbbpress_attachments page to wp-admin/edit.php.
Dev4press Gd Bbpress Attachments
NA
CVE-2022-45816
Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress.
Dev4press Gd Bbpress Attachments
NA
CVE-2023-51668
Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress.This issue affects Inline Image Upload for BBPress: from n/a up to and including 1.1.18.
Wpzone Inline Image Upload For Bbpress
NA
CVE-2023-5939
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin prior to 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.
Rtcamp Rtmedia
NA
CVE-2023-5931
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin prior to 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server
Rtcamp Rtmedia
NA
CVE-2024-3293
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to blind SQL Injection via the rtmedia_gallery shortcode in all versions up to, and including, 4.6.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2