Gd Bbpress Attachments

gd_bbpress_attachments

Vendor: Dev4press • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-45816 1Dev4press 1Gd Bbpress Attachments Nov 21, 2024 Dec 6, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress.
CVE-2015-5482 1Dev4press 1Gd Bbpress Attachments May 6, 2026 Aug 18, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the tab parameter in the gdb...Show more Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the tab parameter in the gdbbpress_attachments page to wp-admin/edit.php.Show less
CVE-2015-5481 1Dev4press 1Gd Bbpress Attachments May 6, 2026 Aug 18, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in forms/panels.php in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter in the gdbbp...Show more Cross-site scripting (XSS) vulnerability in forms/panels.php in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter in the gdbbpress_attachments page to wp-admin/edit.php.Show less