{"vulnerability": "CVE-2020-13487", "sightings": [{"uuid": "0ca80f25-f722-4c29-bfe2-bfe14a78f077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13487", "type": "seen", "source": "https://t.me/arpsyndicate/1941", "content": "#ExploitObserverAlert\n\nCVE-2020-13487\n\nDESCRIPTION: Exploit Observer has 27 entries related to CVE-2020-13487. The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI.\n\nFIRST-EPSS: 0.002670000\nNVD-IS: 2.7\nNVD-ES: 1.7", "creation_timestamp": "2023-12-18T07:40:10.000000Z"}]}