Forumpress@1.6.3 Security Vulnerabilities and Issues — Forumpress@1.6.3 CVE List

Lucene search

VasthtmlForumpress1.6.3

3 matches found

CVE•added 2014/01/16 9:55 p.m.•47 views

CVE-2012-6625

SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.

7.5CVSS8.8AI score0.06166EPSS

CVE•added 2014/01/16 9:55 p.m.•41 views

CVE-2012-6622

Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edi...

4.3CVSS6AI score0.04744EPSS

CVE•added 2014/01/16 9:55 p.m.•38 views

CVE-2012-6623

Cross-site scripting (XSS) vulnerability in fs-admin/wpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin/admin.php.

4.3CVSS6AI score0.00377EPSS