WordPress Plugin Vulnerabilities
GD bbPress Attachments <= 2.5 - Authenticated Stored XSS
Description
An authenticated bbPress forum user who is allowed to attach files can inject arbitrary JavaScript via the filename of an uploaded image. The injected script runs both on the topic page and in the admin panel; it is rendered only for administrators, moderators and the attacker, so those are the accounts it can be used against.
The variable $error['file'] in /code/attachments/front.php (line 349) is written into the page without being escaped.
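The pattern behind the finding, as an added illustration rather than the plugin's own code: an upload error message that echoes the submitted filename, shown unescaped and then escaped at output. The function names render_error_vulnerable() and render_error_fixed() and the sample filename are assumptions for this example; esc_html() and sanitize_file_name() are the real WordPress helpers, with stand-ins defined only so the file also runs under the plain php CLI.

```php
<?php
// Added example, not code from GD bbPress Attachments. It reconstructs the
// class of bug described above (request-controlled filename echoed into HTML),
// not the plugin's actual front.php logic.

// Stand-ins so this runs outside WordPress. Inside WordPress the real
// formatting helpers are already loaded and these definitions are skipped.
if (!function_exists('esc_html')) {
    function esc_html($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}
if (!function_exists('sanitize_file_name')) {
    // Rough approximation of WordPress' sanitize_file_name(): collapse anything
    // that is not a plain filename character.
    function sanitize_file_name($name) {
        return preg_replace('/[^A-Za-z0-9._-]+/', '-', (string) $name);
    }
}

// Constructed attacker-controlled filename, as it would arrive in $_FILES[...]['name'].
$filename = '<img src=x onerror=alert(document.cookie)>.png';

// Vulnerable (hypothetical helper): the filename is concatenated into markup
// untouched, so whoever is shown the error (the uploader on the topic page,
// moderators and administrators in wp-admin) executes the injected script.
function render_error_vulnerable(array $error) {
    return '<div class="error">Upload failed: ' . $error['file'] . '</div>';
}

// Hardened (hypothetical helper): escape at the point of output. Every value
// that originated in the request passes through esc_html() right where it is
// echoed into HTML; the browser then sees literal text, not a tag.
function render_error_fixed(array $error) {
    return '<div class="error">Upload failed: ' . esc_html($error['file']) . '</div>';
}

$error = ['file' => $filename];
echo render_error_vulnerable($error), PHP_EOL; // tag survives intact: stored XSS
echo render_error_fixed($error), PHP_EOL;      // &lt;img src=x ...&gt;.png: inert

// Defence in depth: normalise the name before storing it as well, but do not
// rely on this alone. Output escaping is what closes the XSS; filename
// sanitisation only reduces what reaches storage.
echo sanitize_file_name($filename), PHP_EOL;
```

Run it with `php example.php`; the first line shows the raw tag the vulnerable path emits, the second the escaped form, the third the sanitised filename. The same esc_html() call belongs on any other place the filename is printed, including admin-side listings, since the description notes the payload fires in the admin panel too.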
Classification
Type
XSS
Miscellaneous
Submitter
Luigi
Verified
No
Timeline
Publicly Published
2018-05-14
Added
2018-05-14
Last Updated
2020-04-15