A possible Cross-Site security vulnerability has been identified by NetAgent Co., Ltd. and JPCERT/CC Lt - http://jvn.jp/
The issue is with the forum search not correctly filtering out javascript. This new release addresses that issue and all sites are recommended to upgrade to this latest release which is now available in the downloads area.
The upgrade steps are to replace the changed files and run the plugin upgrade.- public_html/index.php
- config.php
- functions.inc