cleantalk
Vulnerabilities and Security Researches

WP Forum Server, CVE-2012-6623

CVE, Research URL

CVE-2012-6623

Home page URL

Security reports for WP Forum Server

Application

WP Forum Server

Published on
Jan 17, 2014
Research Description
Cross-site scripting (XSS) vulnerability in fs-admin/wpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin/admin.php.
Affected versions
Min -, max 1.7.5.
Status
vulnerable
Previous vulnerability researches
WP Forum Server (CVE-2012-6622) , Jun 07, 2024
WP Forum Server (CVE-2012-6623) , Jun 07, 2024
WP Forum Server (CVE-2011-1047) , Jun 07, 2024
WP Forum Server (CVE-2012-6625) , Jun 07, 2024
WP Forum Server (CVE-2025-53306) , Jul 02, 2025
New vulnerability
MDJM Event Management (CVE-2025-52824) , Jul 03, 2025
OnionBuzz (CVE-2025-53312) , Jul 03, 2025
Hide Admin Bar From Front End (CVE-2025-53267) , Jul 03, 2025
WP Visual Sitemap (CVE-2025-53290) , Jul 03, 2025
ElementsKit Elementor addons (CVE-2025-4479) , Jul 03, 2025