Full Disclosure

Reflected XSS in GD bbPress Attachments allows an attacker to do almost anything an admin can (WordPress plugin)

July 10, 2015 007admin Leave a comment

Posted by dxw Security on Jul 10

Details
================
Software: GD bbPress Attachments
Version: 2.1
Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/
Advisory report:
https://security.dxw.com/advisories/reflected-xss-in-gd-bbpress-attachments-allows-an-attacker-to-do-almost-anything-an-admin-can/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)

Description
================
Reflected XSS in GD bbPress Attachments allows an attacker to do…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information