EUVD-2025-19368

Malicious code in bioql PyPI...

CVE-2025-53306

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in lucidcrew WP Forum Server forum-server allows SQL Injection.This issue affects WP Forum Server: from n/a through = 1.8.2...

CVE-2025-53305

Cross-Site Request Forgery CSRF vulnerability in lucidcrew WP Forum Server forum-server allows Stored XSS.This issue affects WP Forum Server: from n/a through = 1.8.2...

CVE-2025-53305

Cross-Site Request Forgery CSRF vulnerability in lucidcrew WP Forum Server forum-server allows Stored XSS.This issue affects WP Forum Server: from n/a through = 1.8.2...

CVE-2025-53306

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in lucidcrew WP Forum Server forum-server allows SQL Injection.This issue affects WP Forum Server: from n/a through = 1.8.2...

CVE-2025-53306 WordPress WP Forum Server plugin <= 1.8.2 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in lucidcrew WP Forum Server allows SQL Injection. This issue affects WP Forum Server: from n/a through 1.8.2...

CVE-2025-53306 WordPress WP Forum Server plugin <= 1.8.2 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in lucidcrew WP Forum Server forum-server allows SQL Injection.This issue affects WP Forum Server: from n/a through = 1.8.2...

CVE-2025-53305 WordPress WP Forum Server plugin <= 1.8.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in lucidcrew WP Forum Server forum-server allows Stored XSS.This issue affects WP Forum Server: from n/a through = 1.8.2...

CVE-2025-53305

CVE-2025-53305 is a CSRF vulnerability in the WordPress plugin WP Forum Server (lucidcrew WP Forum Server). The issue permits Stored XSS and affects versions 1.8.2 and earlier. The CVSS v3.1 base score is 7.1 (HIGH); exploitability not explicitly confirmed in provided docs. A patch exists in newe...

CVE-2025-53305 WordPress WP Forum Server plugin <= 1.8.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in lucidcrew WP Forum Server forum-server allows Stored XSS.This issue affects WP Forum Server: from n/a through = 1.8.2...

WordPress plugin WP Forum Server 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

PT-2025-27204 · Lucidcrew · Lucidcrew Wp Forum Server

Name of the Vulnerable Software and Affected Versions: lucidcrew WP Forum Server versions 1.8.2 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on the web...

PT-2025-27205 · Lucidcrew · Lucidcrew Wp Forum Server

Name of the Vulnerable Software and Affected Versions: lucidcrew WP Forum Server versions 1.8.2 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

WP Forum Server 1.6.5 - feed.php topic Parameter SQL Injection

The WP Forum Server WordPress plugin was affected by a feed.php topic Parameter SQL Injection security vulnerability...

WP Forum Server 1.6.5 - index.php Multiple Parameter SQL Injection

The WP Forum Server WordPress plugin was affected by an index.php Multiple Parameter SQL Injection security vulnerability...

WP Forum Server <= 1.7.3 - fs-admin/wpf-add-forum.php groupid Parameter XSS

The WP Forum Server WordPress plugin was affected by a fs-admin/wpf-add-forum.php groupid Parameter XSS security vulnerability...

CVE-2012-6622

Multiple cross-site scripting XSS vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 groupid parameter in an editgroup action or 2 usergroupid parameter in an...

CVE-2012-6622

The CVE-2012-6622 entry concerns the ForumPress WP Forum Server WordPress plugin, specifically the fs-admin/fs-admin.php component, which is vulnerable to multiple XSS flaws. The vulnerability exists in version prior to 1.7.4 and is triggered via the groupid parameter in an editgroup action or th...

CVE-2012-6623

The CVE-2012-6623 issue affects the WordPress plugin ForumPress WP Forum Server (affected: ForumPress WP Forum Server plugin before 1.7.5). The vulnerability is an XSS in fs-admin/wpf-add-forum.php, exploitable via the groupid parameter in an addforum action to wp-admin/admin.php, allowing remote...

WP Forum Server 1.6.5 Wordpress Plugin SQL Injection Vulnerability

Exploit for php platform in category web applications Product: WP Forum Server wordpress plugin Vendor: VastHTML Vulnerable Version: 1.6.5 Vendor Notification: 10 February 2011 Vulnerability Type: SQL Injection Risk level: High Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing...