Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 23 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-53228 WordPress bbpress Simple Advert Units Plugin <= 0.41 - Cross Site Scripting (XSS) Vulnerability jezza101bbpress Simple Advert Units--2026-02-20 15:46:27 Deep Dive
CVE-2026-25325 WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.7.8 - Sensitive Data Exposure vulnerability rtCamprtMedia for WordPress, BuddyPress and bbPress--2026-02-19 08:26:56 Deep Dive
CVE-2025-9218 rtMedia for WordPress, BuddyPress and bbPress 4.7.0 - 4.7.3 - Missing Authorization to Unauthenticated Information Disclosure via handle_rest_pre_dispatch Function rtcamprtMedia for WordPress, BuddyPress and bbPress Low 3.7 2025-12-13 04:31:26 Deep Dive
CVE-2025-49962 WordPress bbPress Notify plugin <= 2.19.5 - Cross Site Scripting (XSS) vulnerability useStrictbbPress Notify--2025-10-22 14:32:22 Deep Dive
CVE-2025-49959 WordPress bbPress Move Topics plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability Pascal CasierbbPress Move Topics--2025-10-22 14:32:21 Deep Dive
CVE-2025-58002 WordPress GD bbPress Tools plugin <= 3.5.3 - Cross Site Scripting (XSS) vulnerability Milan PetrovicGD bbPress Tools Medium 6.5 2025-09-22 18:24:14 Deep Dive
CVE-2025-24763 WordPress bbPress API plugin <= 1.0.14 - Broken Access Control Vulnerability Pascal CasierbbPress API Medium 5.3 2025-06-06 12:54:40 Deep Dive
CVE-2025-2006 Inline Image Upload for BBPress <= 1.1.19 - Authenticated (Subscriber+) Arbitrary File Upload berrypressInline Image Upload for BBPress High 8.8 2025-03-29 07:03:31 Deep Dive
CVE-2025-1435 bbPress <= 2.6.11 - Cross-Site Request Forgery to Limited Privilege Escalation johnjamesjacobybbPress Medium 6.3 2025-03-05 08:21:54 Deep Dive
CVE-2024-12221 Turnkey bbPress by WeaverTheme <= 1.6.3 - Reflected Cross-Site Scripting via _wpnonce Parameter wpweaverTurnkey bbPress by WeaverTheme Medium 6.1 2025-01-04 09:22:37 Deep Dive
CVE-2023-41951 WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.6.14 - Broken Access Control vulnerability rtCamprtMedia for WordPress, BuddyPress and bbPress Medium 4.3 2024-12-13 14:24:25 Deep Dive
CVE-2024-11278 GD bbPress Attachments <= 4.7.2 - Reflected Cross-Site Scripting gdragonGD bbPress Attachments Medium 6.1 2024-11-20 04:31:29 Deep Dive
CVE-2024-9896 BBP Core – Expand bbPress powered forums with useful features <= 1.2.5 - Reflected Cross-Site Scripting via add_query_arg Parameter spiderdevsForumax – AI Powered Advanced Community Forum Plugin Medium 6.1 2024-11-02 07:34:03 Deep Dive
CVE-2024-37485 WordPress bbPress Notify (No-Spam) plugin <= 2.18.3 - Reflected Cross Site Scripting (XSS) vulnerability Vinny Alves (UseStrict Consulting)bbPress Notify High 7.1 2024-07-21 21:19:47 Deep Dive
CVE-2024-3293 rtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Contributor+) SQL Injection via rtmedia_gallery Shortcode rtcamprtMedia for WordPress, BuddyPress and bbPress High 8.8 2024-04-23 01:58:07 Deep Dive
CVE-2023-51668 WordPress Inline Image Upload for BBPress Plugin <= 1.1.18 is vulnerable to Cross Site Request Forgery (CSRF) WP ZoneInline Image Upload for BBPress Medium 4.3 2024-01-05 09:49:47 Deep Dive
CVE-2023-5939 rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Admin+ RCE UnknownrtMedia for WordPress, BuddyPress and bbPress--2023-12-26 18:33:10 Deep Dive
CVE-2023-5931 rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Subscriber+ RCE UnknownrtMedia for WordPress, BuddyPress and bbPress--2023-12-26 18:33:01 Deep Dive
CVE-2023-34031 WordPress bbPress Toolkit Plugin <= 1.0.12 is vulnerable to Cross Site Request Forgery (CSRF) Pascal CasierbbPress Toolkit 中危 -2023-11-09 20:25:19 Deep Dive
CVE-2023-34032 WordPress bbPress Toolkit Plugin <= 1.0.12 is vulnerable to Cross Site Scripting (XSS) Pascal CasierbbPress Toolkit High 7.1 2023-08-30 14:19:23 Deep Dive