Cross-Site Request Forgery (CSRF) vulnerability was discovered by Brandon Roldan (Patchstack Alliance) in the WordPress wpForo Forum plugin (versions <= 2.0.5).
Update the WordPress wpForo Forum plugin to the latest available version (at least 2.0.6).