cleantalk
Vulnerabilities and Security Researches

bbPress Notify (No-Spam), CVE-2024-37485

CVE, Research URL

CVE-2024-37485

Home page URL

Security reports for bbPress Notify (No-Spam)

Application

bbPress Notify (No-Spam)

Published on
Jul 22, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vinny Alves (UseStrict Consulting) bbPress Notify allows Reflected XSS.This issue affects bbPress Notify: from n/a through 2.18.3.
Affected versions
max 2.18.4.
Status
vulnerable
Previous vulnerability researches
bbPress Notify (No-Spam) (CVE-2024-37485) , Jul 08, 2024
bbPress Notify (No-Spam) (CVE-2025-49962) , Nov 11, 2025
New vulnerability
My auctions allegro (CVE-2025-10048) , Nov 11, 2025
Sertifier Certificates & Open Badges – Tutor LMS (CVE-2025-53214) , Nov 11, 2025
Toast Mobile Menu – PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025
RomethemeKit For Elementor (CVE-2025-62065) , Nov 11, 2025