Every CVE whose affected-product data names Bbpress, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-13693 — CVSS 9.8 (critical): An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
CVE-2007-3244 — CVSS 7.5 (high): SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute…
CVE-2011-3710 — CVSS 5.0 (medium): bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation…
CVE-2020-13487 — CVSS 4.8 (medium): The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at…
CVE-2007-3243 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in bb-login.php in bbPress 0.8.1 allows remote attackers to inject arbitrary web script or HTML…