Vulnerabilities > Bbpress > Bbpress > 2.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-29 | CVE-2020-13693 | Unspecified vulnerability in Bbpress An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled. | 7.5 |
| 2020-05-26 | CVE-2020-13487 | Cross-site Scripting vulnerability in Bbpress The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. | 3.5 |