VulnCheck KEV: CVE-2024-11350

The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforestresetpassword function. This makes it...

VulnCheck KEV: CVE-2024-11349

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the sbloginuserwithotpfun function. This makes it possible for unauthenticat...

WordPress AdForest theme <= 6.0.12 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by Phat RiO - BlueRock in WordPress Theme AdForest versions = 6.0.12...

CVE-2026-1729

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sbloginuserwithotpfun' function. This makes it possible for...

Exploit for CVE-2026-1729

CVE-2026-1729 - AdForest WordPress Authentication Bypass PoC...

CVE-2026-1729

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sbloginuserwithotpfun' function. This makes it possible for...

CVE-2026-1729 AdForest <= 6.0.12 - Authentication Bypass

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sbloginuserwithotpfun' function. This makes it possible for...

PT-2026-7806

Name of the Vulnerable Software and Affected Versions AdForest versions up to and including 6.0.12 Description The AdForest theme for WordPress is susceptible to authentication bypass. The issue stems from insufficient user identity verification before authentication via the sb login user with ot...

CVE-2025-67946

CVE-2025-67946 affects the WordPress theme AdForest (AdForest: &lt;= 6.0.11). The issue is described as an improper control of the filename for include/require, leading to a Local File Inclusion (LFI) vulnerability (initial description mentions a PHP Remote File Inclusion context but the observab...

CVE-2025-67946 WordPress AdForest theme <= 6.0.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in scriptsbundle AdForest adforest allows PHP Local File Inclusion.This issue affects AdForest: from n/a through = 6.0.11...

CVE-2025-67946 WordPress AdForest theme <= 6.0.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in scriptsbundle AdForest adforest allows PHP Local File Inclusion.This issue affects AdForest: from n/a through = 6.0.11...

WordPress AdForest theme <= 6.0.11 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme AdForest versions = 6.0.11...

CVE-2025-67569 WordPress AdForest theme <= 6.0.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in scriptsbundle AdForest adforest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AdForest: from n/a through = 6.0.11...

EUVD-2024-51156

Malicious code in bioql PyPI...

Exploit for CVE-2025-8359

CVE-2025-8359 AdForest = 6.0.9 - Authentication Bypass to...

CVE-2025-8359

The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.9. This is due to the plugin not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as other users,...

WordPress AdForest theme <= 6.0.9 - Authentication Bypass to Admin vulnerability

Authentication Bypass to Admin vulnerability discovered by Tonn in WordPress Theme AdForest versions = 6.0.9...

PT-2025-36349

Name of the Vulnerable Software and Affected Versions AdForest WordPress Theme versions prior to 6.1.0 Description The AdForest theme for WordPress is susceptible to an authentication bypass, allowing unauthorized user access. The theme does not properly verify a user’s identity before...

CVE-2024-12855

The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions like 'sbremovead' in all versions up to, and including, 5.1.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...

CVE-2024-12857

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8. This is due to the plugin not properly verifying a user's identity prior to logging them in as that user. This makes it possible for unauthenticated attackers to authenticate as an...