CVE-2024-12221 | WeaverTheme Turnkey bbPress Plugin up to 1.6.3 on WordPress _wpnonce cross site scripting

Posted by Angelo Barbosa | Jan 4, 2025 | CVE

A vulnerability was found in WeaverTheme Turnkey bbPress Plugin up to 1.6.3 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument _wpnonce leads to cross site scripting.

The identification of this vulnerability is CVE-2024-12221. The attack may be initiated remotely. There is no exploit available.

CVE-2024-12221 | WeaverTheme Turnkey bbPress Plugin up to 1.6.3 on WordPress _wpnonce cross site scripting

Related Posts

CVE-2024-26305 | Aruba ArubaOS 8.10.0.11/8.11.2.2/10.4.1.1/10.5.1.1 Access Point Management Protocol buffer overflow (ARUBA-PSA-2024-004)

CVE-2024-25561 | Intel HID Event Filter Software Installer prior 2.2.2.1 insecure inherited permissions (intel-sa-01089)

CVE-2024-6847 | Chatbot with ChatGPT Plugin up to 2.4.4 on WordPress sql injection

CVE-2022-32502 | Nuki Bridge up to 1.21.x/2.13.1 Encrypted Token Parser buffer overflow