69 matches found
CVE-2025-60163
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robin W bbp topic count bbp-topic-count allows DOM-Based XSS.This issue affects bbp topic count: from n/a through = 3.2...
CVE-2025-60163
CVE-2025-60163 corresponds to a Cross-Site Scripting flaw in the WordPress plugin bbP topic count (bbp-topic-count) with authenticated (Contributor+) Stored XSS affecting version up to 3.1. The Wordfence Vulnerability Database entry indicates the issue is present and remains Unpatched. The EUVD E...
CVE-2025-60163 WordPress bbp topic count plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Robin W bbp topic count bbp-topic-count allows DOM-Based XSS.This issue affects bbp topic count: from n/a through = 3.2...
WordPress plugin bbp topic count 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-9896
The BBP Core – Expand bbPress powered forums with useful features plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated...
CVE-2023-33997
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Robin Wilson bbp style pack plugin = 5.5.5 versions...
CVE-2024-9896
The BBP Core – Expand bbPress powered forums with useful features plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated...
CVE-2024-9896
The BBP Core – Expand bbPress powered forums with useful features plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated...
CVE-2024-9896 BBP Core – Expand bbPress powered forums with useful features <= 1.2.5 - Reflected Cross-Site Scripting via add_query_arg Parameter
The BBP Core – Expand bbPress powered forums with useful features plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated...
CVE-2024-9896 BBP Core – Expand bbPress powered forums with useful features <= 1.2.5 - Reflected Cross-Site Scripting via add_query_arg Parameter
The BBP Core – Expand bbPress powered forums with useful features plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated...
CVE-2024-9896
CVE-2024-9896 affects BBP Core – Expand bbPress powered forums with useful features (WordPress) up to version 1.2.5. It is a Reflected XSS caused by insufficient escaping of add_query_arg in the URL. Exploitation requires a user to click a crafted link; unauthenticated attackers can inject script...
PT-2024-39922 · WordPress · The Bbp Core
Name of the Vulnerable Software and Affected Versions: The BBP Core – Expand bbPress powered forums with useful features plugin for WordPress versions 1.2.5 and earlier Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping...
WordPress plugin BBP Core 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin BB...
WordPress BBP Core plugin <= 1.2.5 - Reflected Cross-Site Scripting via add_query_arg Parameter vulnerability
Reflected Cross-Site Scripting via addqueryarg Parameter vulnerability discovered by Colin Xu in WordPress Plugin BBP Core versions = 1.2.5...
WordPress Plugin bbp-toolkit Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
bbp style pack < 5.6.8 - Contributor+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-44984
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Robin Wilson bbp style pack plugin = 5.6.7 versions...
CVE-2023-44984 WordPress bbp style pack Plugin <= 5.6.7 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Robin Wilson bbp style pack plugin = 5.6.7 versions...
CVE-2023-44984
CVE-2023-44984: WordPress bbp style pack plugin
CVE-2023-44984 WordPress bbp style pack Plugin <= 5.6.7 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Robin Wilson bbp style pack plugin = 5.6.7 versions...