Lucene search
K

7 matches found

NVD
NVD
added 2025/01/04 10:15 a.m.7 views

CVE-2024-12221

The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpnonce’ parameter in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...

6.1CVSS0.00351EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/04 9:22 a.m.7 views

CVE-2024-12221 Turnkey bbPress by WeaverTheme <= 1.6.3 - Reflected Cross-Site Scripting via _wpnonce Parameter

The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpnonce’ parameter in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...

6.1CVSS6.4AI score0.00351EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/04 9:22 a.m.17 views

CVE-2024-12221 Turnkey bbPress by WeaverTheme <= 1.6.3 - Reflected Cross-Site Scripting via _wpnonce Parameter

The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpnonce’ parameter in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...

6.1CVSS0.00351EPSS
Exploits0References3
CVE
CVE
added 2025/01/04 9:22 a.m.42 views

CVE-2024-12221

CVE-2024-12221 affects Turnkey bbPress by WeaverTheme (WordPress). It enables Reflected Cross-Site Scripting via the _wpnonce parameter in all versions

6.1CVSS6AI score0.00351EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/04 12:0 a.m.2 views

PT-2025-1785 · Weavertheme · Turnkey Bbpress

Name of the Vulnerable Software and Affected Versions: Turnkey bbPress by WeaverTheme plugin for WordPress versions up to, and including, 1.6.3 Description: The issue is related to Reflected Cross-Site Scripting via the wpnonce parameter due to insufficient input sanitization and output escaping...

6.1CVSS8.7AI score0.00351EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/01/04 12:0 a.m.5 views

WordPress plugin Turnkey bbPress by WeaverTheme 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS7.6AI score0.00351EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/01/03 10:53 p.m.3 views

WordPress Turnkey bbPress plugin <= 1.6.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Turnkey bbPress versions = 1.6.3...

6.1CVSS6.3AI score0.00351EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder