CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in fs-admin/wpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin/admin.php...

4.3CVSS6AI score0.00377EPSS

Exploits0References1

NVD•added 2014/01/16 9:55 p.m.•11 views

CVE-2012-6623

4.3CVSS5.8AI score0.00377EPSS

Exploits0References4

NVD•added 2014/01/16 9:55 p.m.•14 views

CVE-2012-6625

SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action...

7.5CVSS8.5AI score0.02981EPSS

Exploits0References4

NVD•added 2014/01/16 9:55 p.m.•14 views

CVE-2012-6622

Multiple cross-site scripting XSS vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 groupid parameter in an editgroup action or 2 usergroupid parameter in an...

4.3CVSS5.9AI score0.04086EPSS

Exploits1References5

Prion•added 2014/01/16 9:55 p.m.•10 views

Cross site scripting

4.3CVSS6.3AI score0.00377EPSS

Exploits0References4Affected Software1

Prion•added 2014/01/16 9:55 p.m.•12 views

Sql injection

7.5CVSS9.2AI score0.02981EPSS

Exploits0References4Affected Software1

Prion•added 2014/01/16 9:55 p.m.•13 views

Cross site scripting

4.3CVSS6.2AI score0.04086EPSS

Exploits1References5Affected Software1

Cvelist•added 2014/01/16 9:0 p.m.•18 views

CVE-2012-6625

8.5AI score0.02981EPSS

Exploits0References4

Cvelist•added 2014/01/16 9:0 p.m.•17 views

CVE-2012-6622

5.9AI score0.04086EPSS

Exploits1References5

CVE•added 2014/01/16 9:0 p.m.•45 views

CVE-2012-6622

The CVE-2012-6622 entry concerns the ForumPress WP Forum Server WordPress plugin, specifically the fs-admin/fs-admin.php component, which is vulnerable to multiple XSS flaws. The vulnerability exists in version prior to 1.7.4 and is triggered via the groupid parameter in an editgroup action or th...

4.3CVSS6AI score0.04086EPSS

Exploits1References5Affected Software1

CVE•added 2014/01/16 9:0 p.m.•53 views

CVE-2012-6625

CVE-2012-6625 affects the ForumPress WP Forum Server plugin for WordPress, specifically the fs-admin/fs-admin.php component. The vulnerability is a SQL injection via the groupid parameter in an editgroup action, exploitable remotely and leading to arbitrary SQL execution. It applies to plugin ver...

7.5CVSS8.8AI score0.02981EPSS

Exploits0References4Affected Software1

CVE•added 2014/01/16 9:0 p.m.•42 views

CVE-2012-6623

The CVE-2012-6623 issue affects the WordPress plugin ForumPress WP Forum Server (affected: ForumPress WP Forum Server plugin before 1.7.5). The vulnerability is an XSS in fs-admin/wpf-add-forum.php, exploitable via the groupid parameter in an addforum action to wp-admin/admin.php, allowing remote...

4.3CVSS6AI score0.00377EPSS

Exploits0References4Affected Software1

Cvelist•added 2014/01/16 9:0 p.m.•19 views

CVE-2012-6623

5.8AI score0.00377EPSS

Exploits0References4

CVE•added 2011/02/21 6:0 p.m.•46 views

CVE-2011-1047

CVE-2011-1047 concerns multiple SQL injection vulnerabilities in the VastHTML Forum Server (aka ForumPress) WordPress plugin, specifically versions 1.6.1 and 1.6.5. The issues arise from improper input sanitization in three vectors: (1) the search_max parameter in index.php (wpf.class.php), (2) t...

7.5CVSS8.7AI score0.02966EPSS

Exploits1References10Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by