bbPress is a popular WordPress plug-in that enables forum features for WordPress blogs.
bbPress released an official update, fixing a storage-type XSS vulnerability. Attackers may exploit this vulnerability to steal the identification information of visitors or administrators to perform malicious or unauthorized operations.
bbPress < 2.5.9
Use Alibaba Cloud Security Web Application Firewall to intercept the attacking code for this vulnerability.
Upgrade bbPress to v2.5.9 or later versions.