4.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-13487

GHSA ID

GHSA-p9xp-xghp-gqvp

EPSS Score

0.67879%

CWE

CWE-79

Published

5/24/2022

Updated

4/25/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-13487

CVE-2020-13487:
bbPress stored Cross-Site Scripting (XSS) vulnerability in the Forum creation section

The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI.

(GitHub Advisory)

4.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-13487

GHSA ID

GHSA-p9xp-xghp-gqvp

EPSS Score

0.67879%

CWE

CWE-79

Published

5/24/2022

Updated

4/25/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
bbpress/bbpress	composer	<= 2.6.4

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper input sanitization in forum creation/editing combined with insufficient output escaping. Key points:

The attack vector requires admin privileges in the post editor (wp-admin/post.php), implicating backend save handlers
Stored XSS manifests in the admin list view (edit.php?post_type=forum), indicating rendering issues
bbPress's custom forum metadata handling (likely in metabox save functions) would be the primary suspect for unsanitized input storage
Admin list table implementations often require explicit escaping which might be missing in custom columns While exact code isn't available, the pattern matches common WordPress plugin XSS vulnerabilities where admin-side metabox handling fails to properly sanitize privileged user input before storage and display.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** **Pr*ss plu*in t*rou** *.*.* *or Wor*Pr*ss **s stor** XSS in t** *orum *r**tion s**tion, r*sultin* in J*v*S*ript *x**ution *t wp-**min/**it.p*p?post_typ*=*orum (*k* t** *orum listin* p***) *or *ll us*rs. *n **ministr*tor **n *xploit t*is *t t** w

Reasoning

T** vuln*r**ility st*ms *rom improp*r input s*nitiz*tion in *orum *r**tion/**itin* *om*in** wit* insu**i*i*nt output *s**pin*. K*y points: *. T** *tt**k v**tor r*quir*s **min privil***s in t** post **itor (wp-**min/post.p*p), impli**tin* ***k*n* s*v*

4.8

Basic Information

Concerned about an active attack path?

CVE-2020-13487: bbPress stored Cross-Site Scripting (XSS) vulnerability in the Forum creation section

4.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2020-13487:
bbPress stored Cross-Site Scripting (XSS) vulnerability in the Forum creation section

Vulnerability Intelligence
Miggo AI