[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fqQsl-GcxFmajxqp5VdtSgZ_xZa3uOpTw92dW02tTLdY":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2015-5481","gd-bbpress-attachments-reflected-cross-site-scripting-2","GD bbPress Attachments \u003C 2.3 - Reflected Cross-Site Scripting","Cross-site scripting (XSS) vulnerability in forms\u002Fpanels.php in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter in the gdbbpress_attachments page to wp-admin\u002Fedit.php.","gd-bbpress-attachments",null,"\u003C2.3","2.3","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2015-07-08 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F7a1f91a3-6b8d-4be4-817c-9c88d2349723?source=api-prod",3121]