WordPress Plugin bbPress Multiple Vulnerabilities - CVE-2020-13487

WordPress Plugin bbPress is prone to multiple vulnerabilities including cross-site scripting and privilege escalation. Exploiting these issues could allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site to steal cookie-based authentication credentials or to bypass the expected capabilities check and perform otherwise restricted actions. WordPress Plugin bbPress version 2.6.4 is vulnerable prior versions may also be affected.