WordPress ForumWP - Forum & Discussion Board plugin <= 2.1.2 - Reflected Cross-Site Scripting via url Parameter vulnerability

WordPress ForumWP - Forum & Discussion Board plugin = 2.1.2 - Reflected Cross-Site Scripting via url Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin ForumWP versions = 2.1.2...

CVE-2025-13746

The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User's Display Name in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress ForumWP – Forum & Discussion Board plugin <= 2.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Display Name vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via Display Name vulnerability discovered by Sergej Ljubojevic in WordPress Plugin ForumWP versions = 2.1.6...

CVE-2025-13746

The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User's Display Name in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-13746

CVE-2025-13746 : ForumWP – Forum & Discussion Board (WordPress) is vulnerable to a Stored Cross-Site Scripting via the user’s Display Name in all versions up to 2.1.6. Exploitation requires authentication at Subscriber level or higher and can lead to arbitrary script execution on pages viewed by ...

CVE-2025-13746 ForumWP – Forum & Discussion Board <= 2.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Display Name

The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User's Display Name in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-13746 ForumWP – Forum & Discussion Board <= 2.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Display Name

The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User's Display Name in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2026-1401

Name of the Vulnerable Software and Affected Versions ForumWP – Forum & Discussion Board plugin for WordPress versions prior to 2.1.7 Description The ForumWP plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping when...

WordPress plugin ForumWP – Forum & Discussion Board 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...

CVE-2025-67474

Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through = 2.1.4...

EUVD-2025-202130

Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through = 2.1.4...

CVE-2025-67474

Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through = 2.1.4...

CVE-2025-67474

CVE-2025-67474 is a Missing Authorization / Broken Access Control vulnerability in the WordPress ForumWP plugin (versions up to and including 2.1.4). The Red Hat, NVD/NVD-derived, CVE lists and PatchStack entry confirm that ForumWP 2.1.4). The vulnerability is described as an authorization/config...

CVE-2025-67474 WordPress ForumWP plugin <= 2.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through = 2.1.4...

CVE-2025-67474 WordPress ForumWP plugin <= 2.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through = 2.1.4...

WordPress plugin ForumWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-49890

Name of the Vulnerable Software and Affected Versions ForumWP versions through 2.1.4 Description The software contains a missing authorization issue due to incorrectly configured access control security levels. Recommendations Update ForumWP to a version later than 2.1.4...

WordPress ForumWP plugin <= 2.1.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin ForumWP versions = 2.1.4...

EUVD-2024-52489

Malicious code in bioql PyPI...

EUVD-2024-34000

Malicious code in bioql PyPI...