Vulnerabilities
Vulnerable Software
Bbpress:  >> Bbpress  >> 2.2.1  Security Vulnerabilities
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
CVSS Score
9.8
EPSS Score
0.435
Published
2020-05-29
The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI.
CVSS Score
4.8
EPSS Score
0.006
Published
2020-05-26


Contact Us

Shodan ® - All rights reserved