7 matches found
CVE-2024-12221
The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpnonce’ parameter in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
CVE-2024-12221 Turnkey bbPress by WeaverTheme <= 1.6.3 - Reflected Cross-Site Scripting via _wpnonce Parameter
The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpnonce’ parameter in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
CVE-2024-12221 Turnkey bbPress by WeaverTheme <= 1.6.3 - Reflected Cross-Site Scripting via _wpnonce Parameter
The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpnonce’ parameter in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
CVE-2024-12221
CVE-2024-12221 affects Turnkey bbPress by WeaverTheme (WordPress). It enables Reflected Cross-Site Scripting via the _wpnonce parameter in all versions
PT-2025-1785 · Weavertheme · Turnkey Bbpress
Name of the Vulnerable Software and Affected Versions: Turnkey bbPress by WeaverTheme plugin for WordPress versions up to, and including, 1.6.3 Description: The issue is related to Reflected Cross-Site Scripting via the wpnonce parameter due to insufficient input sanitization and output escaping...
WordPress plugin Turnkey bbPress by WeaverTheme 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Turnkey bbPress plugin <= 1.6.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Turnkey bbPress versions = 1.6.3...