Unrated severityNVD Advisory· Published Jan 16, 2014· Updated Apr 29, 2026
CVE-2012-6623
CVE-2012-6623
Description
Cross-site scripting (XSS) vulnerability in fs-admin/wpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin/admin.php.
Affected products
22cpe:2.3:a:vasthtml:forumpress:1.0:-:-:*:-:wordpress:*:*+ 21 more
- cpe:2.3:a:vasthtml:forumpress:1.0:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.1:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.2:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.3:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.4:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.5.1:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.5.2:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.5:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6.2:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6.3:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6.4:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6.5:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6.6:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6.7:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6.8:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6.9:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.6:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.7.1:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.7.2:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.7.3:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:1.7:-:-:*:-:wordpress:*:*
- cpe:2.3:a:vasthtml:forumpress:*:-:-:*:-:wordpress:*:*range: <=1.7.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.