Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbpress bbpress vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3293
The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to blind SQL Injection via the rtmedia_gallery shortcode in all versions up to, and including, 4.6.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...
1 Github repository
NA
CVE-2023-51668
Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress.This issue affects Inline Image Upload for BBPress: from n/a up to and including 1.1.18.
Wpzone Inline Image Upload For Bbpress
NA
CVE-2023-5931
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin prior to 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server
Rtcamp Rtmedia
NA
CVE-2023-5939
The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin prior to 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.
Rtcamp Rtmedia
NA
CVE-2023-34031
Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions.
Casier Bbpress Toolkit
NA
CVE-2023-34032
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions.
Casier Bbpress Toolkit
NA
CVE-2023-24403
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP For The Win bbPress Voting plugin <= 2.1.11.0 versions.
Wpforthewin Bbpress Voting
NA
CVE-2022-45816
Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress.
Dev4press Gd Bbpress Attachments
668
VMScore
CVE-2020-13693
An unauthenticated privilege-escalation issue exists in the bbPress plugin prior to 2.6.5 for WordPress when New User Registration is enabled.
Bbpress Bbpress
318
VMScore
CVE-2020-13487
The bbPress plugin up to and including 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?a...
Bbpress Bbpress
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »