BC Forum Security & Risk Analysis

wordpress.org/plugins/bc-forum

A powerful forum plugin for WordPress, developed by Believe Creative, enabling question-and-answer discussions.

0 active installs · v1.0.2 · PHP 7.4+ · WP 6.7+ · Updated: Unknown
discussion · forum · qa
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is BC Forum Safe to Use in 2026?

Generally Safe

Score 100/100

BC Forum has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The bc-forum plugin v1.0.2 exhibits a generally good security posture, with many security best practices implemented. The vast majority of SQL queries use prepared statements, output is overwhelmingly properly escaped, and the plugin has no recorded vulnerabilities (CVEs) and performs no file operations. Nonce and capability checks are present, indicating an awareness of WordPress security mechanisms.

However, two critical concerns stand out. The plugin registers 17 AJAX handlers, 2 of which lack any authentication checks, and this presents a significant attack vector. Additionally, the taint analysis reveals 6 high-severity flows with unsanitized paths, which could lead to serious security issues if exploited. While the plugin's vulnerability history is clean, the current static analysis findings suggest potential for exploitation if these unprotected AJAX endpoints or unsanitized taint flows are present. The lack of historical vulnerabilities is a positive indicator of past development quality, but the current analysis highlights areas that require immediate attention to maintain this strong record.

Key Concerns

  • Unprotected AJAX handlers found
  • High severity taint flows with unsanitized paths
Vulnerabilities
None known

BC Forum Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

BC Forum Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 5 (87 prepared)
Unescaped Output: 3 (160 escaped)
Nonce Checks: 23
Capability Checks: 1
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

95% prepared · 92 total queries

Output Escaping

98% escaped · 163 total outputs
Data Flows
8 unsanitized

Data Flow Analysis

19 flows · 8 with unsanitized paths
display_bcforum_edit_forum (bc-forum.php:471)
Attack Surface
2 unprotected

BC Forum Attack Surface

Entry Points: 18
Unprotected: 2

AJAX Handlers 17

Access  Hook                              Location
auth    wp_ajax_bcforum_approve_question  admin-questions-list.php:8
auth    wp_ajax_bcforum_delete_question   admin-questions-list.php:49
auth    wp_ajax_bcforum_submit_comment    bc-forum.php:190
nopriv  wp_ajax_bcforum_submit_comment    bc-forum.php:191
auth    wp_ajax_bcforum_loadmore_answers  bc-forum.php:193
nopriv  wp_ajax_bcforum_loadmore_answers  bc-forum.php:194
auth    wp_ajax_bcforum_save_question     bc-forum.php:196
nopriv  wp_ajax_bcforum_save_question     bc-forum.php:197
auth    wp_ajax_bcforum_get_questions     bc-forum.php:199
nopriv  wp_ajax_bcforum_get_questions     bc-forum.php:200
auth    wp_ajax_bcforum_toggle_like       bc-forum.php:204
nopriv  wp_ajax_bcforum_toggle_like       bc-forum.php:205
auth    wp_ajax_bcforum_get_titles        bc-forum.php:209
nopriv  wp_ajax_bcforum_get_titles        bc-forum.php:210
auth    wp_ajax_bcforum_delete_forum      forums-list.php:8
auth    wp_ajax_bcforum_approve_answer    single-question-answers-list.php:8
auth    wp_ajax_bcforum_delete_answer     single-question-answers-list.php:44

Shortcodes 1

[bcforum_question_answers] bc-forum.php:182

WordPress Hooks 12

Type    Hook                   Location
action  wp_enqueue_scripts     admin-questions-list.php:110
action  admin_enqueue_scripts  bc-forum.php:34
action  init                   bc-forum.php:67
action  wp_insert_post         bc-forum.php:80
action  wp_enqueue_scripts     bc-forum.php:180
action  admin_enqueue_scripts  bc-forum.php:181
action  admin_init             bc-forum.php:184
action  admin_init             bc-forum.php:185
action  admin_init             bc-forum.php:186
action  admin_init             bc-forum.php:187
action  admin_menu             bc-forum.php:202
action  admin_init             bc-forum.php:207
Maintenance & Trust

BC Forum Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Unknown
PHP min version: 7.4
Downloads: 1K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0
Developer Profile

BC Forum Developer Profile

Believe Creative

1 plugin · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect BC Forum

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/bc-forum/bc-forum-block.css
/wp-content/plugins/bc-forum/bc-forum-backend.css

HTML / DOM Fingerprints

CSS Classes
bc-forum-block, bcforum-question-archive-list, bcforum-question-title, bcforum-question-meta, bcforum-answer-list, bcforum-answer-item, bcforum-answer-content, bcforum-answer-meta, +5 more
Data Attributes
data-question-id, data-page, data-logged-in, data-login-url, user_id
JS Globals
bcforum_ajax_object
REST Endpoints
/wp-json/bcforum/v1/submit_comment
/wp-json/bcforum/v1/loadmore_answers
/wp-json/bcforum/v1/save_question
/wp-json/bcforum/v1/get_questions
/wp-json/bcforum/v1/toggle_like
/wp-json/bcforum/v1/get_titles
Shortcode Output
[bcforum_question_answers]
FAQ

Frequently Asked Questions about BC Forum