BBPress Plugin for WordPress contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when certain input is not properly sanitized before being used in the wp/wp-content/plugins/bbpress/topic.php and wp/wp-content/plugins/bbpress/forum.php scripts, which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
Remote / Network Access
Loss of Confidentiality
OSVDB is not aware of a solution for this vulnerability. It has been reported that this is not a valid vulnerability. If this is the case, no solution is necessary.