EIP-2026-113590

PRE-CVE

WordPress Plugin bbPress - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113590. PoCs published by Dark-Puzzle.

AI-analyzed exploit summary This is a writeup describing multiple vulnerabilities in the bbpress WordPress plugin, including SQL injection, full path disclosure, and directory listing. No exploit code is provided, only examples of vulnerable endpoints.

Description

WordPress Plugin bbPress - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Dark-Puzzle · textwebappsphp

https://www.exploit-db.com/exploits/22396

View Code ZIP pw:eip

This is a writeup describing multiple vulnerabilities in the bbpress WordPress plugin, including SQL injection, full path disclosure, and directory listing. No exploit code is provided, only examples of vulnerable endpoints.

Classification

Writeup 90%

Attack Type

Sqli | Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: bbpress WordPress plugin (All Versions)

No auth needed

Prerequisites: Access to the vulnerable bbpress plugin endpoints

MITRE ATT&CK

T1189 - Drive-by Compromise T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026