2 matches found
CVE-2018-21005
The affected software is the WordPress plugin bbp-move-topics, prior to version 1.1.6. The vulnerability is a code injection issue in the plugin. The connected sources confirm the name, affected component, and root cause, but do not provide explicit exploitation details or a published remediation...
CVE-2018-21006
CVE-2018-21006 affects the WordPress plugin bbp-move-topics prior to version 1.1.6. The vulnerability is a CSRF flaw that could allow an attacker to cause unintended requests/actions on behalf of an authenticated user. The root cause is CSRF in the bbp-move-topics plugin, as documented in multipl...