Bbpress - Bbpress CVE

Filtered by vendor Bbpress Subscribe

Filtered by product Bbpress

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-13487	1 Bbpress	1 Bbpress	2020-05-28	3.5 LOW	4.8 MEDIUM
The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI.
CVE-2011-1150	1 Bbpress	1 Bbpress	2020-02-06	4.3 MEDIUM	6.1 MEDIUM
bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter.

Vulnerabilities (CVE)