2 matches found
CVE-2023-34032
CVE-2023-34032 is an unauthenticated reflected cross-site scripting (XSS) vulnerability in the bbPress Toolkit WordPress plugin, affecting versions ≤ 1.0.12. The underlying issue is an XSS flaw in the plugin’s handling of input, allowing malicious script injection that could affect site visitors....
CVE-2023-34031
CVE-2023-34031 describes a Cross-Site Request Forgery (CSRF) in the WordPress plugin bbPress Toolkit by Pascal Casier, affecting versions up to and including 1.0.12 . The vulnerability is unauthenticated and can be triggered when a user interacts with a crafted request, potentially allowing an at...