CVE-2025-1435 | johnjamesjacoby bbPress Plugin up to 2.6.11 on WordPress bbp_user_add_role_on_register cross-site request forgery

Inserito da Angelo Barbosa | Mar 5, 2025 | CVE

A vulnerability was found in johnjamesjacoby bbPress Plugin up to 2.6.11 on WordPress. It has been classified as problematic. Affected is the function bbp_user_add_role_on_register. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2025-1435. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-1435 | johnjamesjacoby bbPress Plugin up to 2.6.11 on WordPress bbp_user_add_role_on_register cross-site request forgery

Post correlati

CVE-2024-31213 | InstantSoft icms2 up to 2.16.1 User Profile redirect (GHSA-6v3c-p92q-prfq)

CVE-2024-0719 | Tabs Shortcode and Widget Plugin up to 1.17 on WordPress cross site scripting

CVE-2024-48841 | ABB FLXEON up to 9.3.4 filename control

CVE-2024-43373 | j4k0xb webcrack up to 2.14.0 on Windows path traversal