Lucene search
K

124 matches found

CVE
CVE
added 2022/11/17 10:0 p.m.66 views

CVE-2022-40200

The CVE CVE-2022-40200 affects the WordPress wpForo Forum plugin prior to 2.0.9. Authenticated users (subscriber+) can upload arbitrary files due to a vulnerability in the plugin, enabling potential unauthorized file writes. The issue is documented across multiple sources (NVD/NVD-derived records...

9.9CVSS8.7AI score0.00868EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/17 10:0 p.m.10 views

CVE-2022-40200 WordPress wpForo Forum plugin <= 2.0.9 - Auth. Arbitrary File Upload vulnerability

Auth. subscriber+ Arbitrary File Upload vulnerability in wpForo Forum plugin = 2.0.9 on WordPress...

9.9CVSS9.5AI score0.00868EPSS
Exploits0References2
Patchstack
Patchstack
added 2022/11/17 12:0 a.m.26 views

WordPress wpForo Forum plugin <= 2.0.9 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by dhakalananda Patchstack Alliance in WordPress wpForo Forum plugin versions = 2.0.9. Solution Update the WordPress wpForo Forum plugin to the latest available version at least 2.1.0...

8.8CVSS3.8AI score0.00436EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/11/08 7:15 p.m.28 views

CVE-2022-40632

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...

5.4CVSS0.00254EPSS
Exploits0References2
NVD
NVD
added 2022/11/08 7:15 p.m.12 views

CVE-2022-40205

Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...

5.4CVSS0.00485EPSS
Exploits0References2
OSV
OSV
added 2022/11/08 7:15 p.m.6 views

CVE-2022-40205

Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...

4.3CVSS5.8AI score0.00485EPSS
Exploits0References2
Prion
Prion
added 2022/11/08 7:15 p.m.22 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...

5.8CVSS5.5AI score0.00254EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/08 7:15 p.m.12 views

Spoofing

Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public...

4CVSS4.6AI score0.00455EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/08 6:31 p.m.9 views

CVE-2022-40206 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability

Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public...

6.3CVSS6.2AI score0.00455EPSS
Exploits0References2
CVE
CVE
added 2022/11/08 6:31 p.m.72 views

CVE-2022-40206

Summary (CVE-2022-40206) Insecure Direct Object References (IDOR) in the WordPress wpForo Forum plugin &lt;= 2.0.5. Affected component: wpForo Forum plugin for WordPress. Root cause: IDOR allows users with subscriber or higher roles to change a forum post’s visibility to private/public. Impact: e...

6.3CVSS4.8AI score0.00455EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/08 6:26 p.m.8 views

CVE-2022-40205 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability

Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...

5.4CVSS5.4AI score0.00485EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/08 6:26 p.m.18 views

CVE-2022-40205 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability

Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...

5.4CVSS5.7AI score0.00485EPSS
Exploits0References2
CVE
CVE
added 2022/11/08 6:26 p.m.77 views

CVE-2022-40205

The CVE-2022-40205 vulnerability concerns the WordPress wpForo Forum plugin, versions = 2.0.6) to resolve the issue.

5.4CVSS4.7AI score0.00485EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/11/08 6:23 p.m.16 views

CVE-2022-40632 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...

5.4CVSS5.8AI score0.00254EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.5 views

PT-2022-25282 · WordPress · Wpforo Forum

Name of the Vulnerable Software and Affected Versions: wpForo Forum plugin versions = 2.0.5 Description: The issue is related to an insecure direct object references IDOR vulnerability. This vulnerability allows attackers with subscriber or higher user roles to mark any forum post as solved or...

5.4CVSS4.4AI score0.00485EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/08 12:0 a.m.5 views

WordPress plugin wpForo Forum 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS5.2AI score0.00485EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.5 views

PT-2022-25283 · WordPress · Wpforo Forum

Name of the Vulnerable Software and Affected Versions: wpForo Forum plugin versions = 2.0.5 Description: The issue is related to an insecure direct object references IDOR vulnerability. This vulnerability allows attackers with subscriber or higher user roles to mark any forum post as private or...

6.3CVSS4.4AI score0.00455EPSS
Exploits0References5
NVD
NVD
added 2022/09/09 3:15 p.m.25 views

CVE-2022-38144

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 at WordPress...

8.8CVSS0.00405EPSS
Exploits0References2
OSV
OSV
added 2022/09/09 3:15 p.m.4 views

CVE-2022-38144

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 at WordPress...

8.8CVSS5.8AI score0.00405EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/09 2:39 p.m.26 views

CVE-2022-38144 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 at WordPress...

9AI score0.00405EPSS
Exploits0References2
Rows per page
Query Builder