PT-2020-13651 · WordPress · Bbpress

Hoangkien1020

·

Published

2020-05-28

·

Updated

2022-05-24

·

CVE-2020-13693

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions bbPress plugin versions prior to 2.6.5
Description An unauthenticated privilege-escalation issue exists in the bbPress plugin for WordPress when New User Registration is enabled.
Recommendations For bbPress plugin versions prior to 2.6.5, update to version 2.6.5 or later to resolve the issue.

Exploit

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2020-13693
GHSA-MWXH-6J9V-45PH

Affected Products

Bbpress