VYPR
Unrated severityNVD Advisory· Published Jan 16, 2014· Updated Jun 16, 2026

CVE-2012-6623

CVE-2012-6623

Description

Cross-site scripting (XSS) vulnerability in fs-admin/wpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin/admin.php.

Affected products

23
  • Vasthtml/Forumpress22 versions
    cpe:2.3:a:vasthtml:forumpress:1.0:-:-:*:-:wordpress:*:*+ 21 more
    • cpe:2.3:a:vasthtml:forumpress:1.0:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.1:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.2:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.3:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.4:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.5.1:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.5.2:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.5:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6.2:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6.3:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6.4:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6.5:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6.6:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6.7:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6.8:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6.9:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.6:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.7.1:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.7.2:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.7.3:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:1.7:-:-:*:-:wordpress:*:*
    • cpe:2.3:a:vasthtml:forumpress:*:-:-:*:-:wordpress:*:*range: <=1.7.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.