ThreatPress

WordPress Vulnerabilities Database

Back

WordPress bbPress Login Register Links On Forum Topic Pages plugin <= 2.7.5 - Cross-Site Request Forgery (CSRF) to Stored Cross-Site Scripting (XSS) vulnerability

Product
bbPress Login Register Links On Forum Topic Pages
Description
CSRF to Stored XSS vulnerability found in WordPress bbPress Login Register Links On Forum Topic Pages plugin (versions <= 2.7.5).
Solution
Update the WordPress bbPress Login Register Links On Forum Topic Pages plugin to the latest available version (at least 2.8.5).
Classification
Type Multi
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.7.5
Fixed In 2.8.5
Disclosure date
2019-12-27
Submitter
ThreatPress