patchstack | Dhakal Ananda (Patchstack Alliance) | PATCHSTACK:12AE60BC941D57889F1B9876F121E5AA
Sep 26, 2022 - 12:00 a.m.

WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability

2022-09-26 00:00:00
patchstack.com
Tags: wordpress, wpforo forum, insecure direct object references

EPSS: 0.001 (Low), percentile 19.5%

An insecure direct object references (IDOR) vulnerability that allows subscriber+ users to mark any forum post as Private/Public was discovered by Dhakal Ananda (Patchstack Alliance) in the WordPress wpForo Forum plugin (versions <= 2.0.5).

Solution

Update the WordPress wpForo Forum plugin to the latest available version (at least 2.0.6).

CPE
Name | Operator | Version
wpforo forum | le | 2.0.5
