WordPress Plugin Vulnerabilities

bbPress - Multiple Script Malformed Input Path Disclosure

Description

The bbPress WordPress plugin was affected by a Multiple Script Malformed Input Path Disclosure security vulnerability.

Affects Plugins

Plugin icon
bbpress
Fixed in 2.0

References

Exploitdb
22396
URL
https://packetstormsecurity.com/files/#116123/
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/78244

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
5f64a8ca-ea25-4fe2-ac1d-77d321404b6f

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2014-08-01
Title
p1m media manager - SQL Injection
Published
2021-03-16
Title
wpDataTables < 3.4.2 - Blind SQL Injection via start Parameter
Published
2025-02-21
Title
CHATLIVE <= 2.0.1 - Unauthenticated SQL Injection
Published
2022-05-09
Title
Note Press <= 0.1.10 - Admin+ SQLi via Bulk Actions
Published
2025-01-15
Title
Passwords Manager < 1.5.1 - Authenticated (Subscriber+) SQL Injection