Product: GD bbPress Attachments
Active installations: 10,000+
Product page: https://it.wordpress.org/plugins/gd-bbpress-attachments/
$error['file'] in /code/attachments/front.php (line 349) is not escaped.
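The missing escaping described above, next to a hardened form. This is an added example, not the plugin's code. It assumes that $error['file'] holds the uploaded file's name and is written into an HTML error list; the 'message' key, the function names and the sample data are hypothetical.

```php
<?php
// Constructed sample: per-file upload errors, shaped like the page's
// $error['file'] entries. The 'message' key and both function names are
// hypothetical. Assumption: the file name comes from the uploader.
$errors = [
    ['file' => 'report<b>final</b>.pdf', 'message' => 'File type not allowed'],
    ['file' => 'photo.png', 'message' => 'File exceeds the size limit'],
];

// Before: the client-supplied name is concatenated into HTML as-is,
// so any markup in the name becomes part of the page.
function render_errors_unescaped(array $errors): string
{
    $html = "<ul class=\"upload-errors\">\n";
    foreach ($errors as $error) {
        $html .= '  <li>' . $error['file'] . ': ' . $error['message'] . "</li>\n";
    }
    return $html . "</ul>\n";
}

// After: every dynamic value is encoded for the HTML context at output.
// Inside WordPress, esc_html() does this job; htmlspecialchars() is used
// here so the file runs without WordPress loaded.
function render_errors_escaped(array $errors): string
{
    $enc = static function (string $s): string {
        return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $html = "<ul class=\"upload-errors\">\n";
    foreach ($errors as $error) {
        $html .= '  <li>' . $enc($error['file']) . ': ' . $enc($error['message']) . "</li>\n";
    }
    return $html . "</ul>\n";
}

echo "Unescaped:\n", render_errors_unescaped($errors), "\n";
echo "Escaped:\n", render_errors_escaped($errors);
```

In the escaped output the first name appears as `report&lt;b&gt;final&lt;/b&gt;.pdf`, so the browser shows it as text instead of parsing it as markup.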
Proof of Concept
GD bbPress Attachments 2.5 is vulnerable, probably earlier versions too.
24/04/2018 – I sent the report
27/04/2018 – GD bbPress Attachments is updated to version 2.6 and the vulnerability is fixed
14/05/2018 – Public disclosure