cleantalk
Vulnerabilities and Security Researches

WP Forum Server, CVE-2012-6622

CVE, Research URL

CVE-2012-6622

Home page URL

Security reports for WP Forum Server

Application

WP Forum Server

Published on
Jan 17, 2014
Research Description
Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edit_usergroup action.
Affected versions
Min -, max 1.7.4.
Status
vulnerable
Previous vulnerability researches
WP Forum Server (CVE-2012-6622) , Jun 07, 2024
WP Forum Server (CVE-2012-6623) , Jun 07, 2024
WP Forum Server (CVE-2011-1047) , Jun 07, 2024
WP Forum Server (CVE-2012-6625) , Jun 07, 2024
WP Forum Server (CVE-2025-53306) , Jul 02, 2025
New vulnerability
MDJM Event Management (CVE-2025-52824) , Jul 03, 2025
OnionBuzz (CVE-2025-53312) , Jul 03, 2025
Hide Admin Bar From Front End (CVE-2025-53267) , Jul 03, 2025
WP Visual Sitemap (CVE-2025-53290) , Jul 03, 2025
ElementsKit Elementor addons (CVE-2025-4479) , Jul 03, 2025