CVE-2020-13693

An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
VendorProductVersion
bbpressbbpress
𝑥
< 2.6.5
𝑥
= Vulnerable software versions
References
http://packetstormsecurity.com/files/157885/WordPress-BBPress-2.5-Privilege-Escalation.html
https://bbpress.org/blog/2020/05/bbpress-2-6-5-is-out/
https://codex.bbpress.org/releases/
https://wordpress.org/plugins/bbpress/#developers
http://packetstormsecurity.com/files/157885/WordPress-BBPress-2.5-Privilege-Escalation.html
https://bbpress.org/blog/2020/05/bbpress-2-6-5-is-out/
https://codex.bbpress.org/releases/
https://wordpress.org/plugins/bbpress/#developers