124 matches found
CVE-2022-40200
The CVE CVE-2022-40200 affects the WordPress wpForo Forum plugin prior to 2.0.9. Authenticated users (subscriber+) can upload arbitrary files due to a vulnerability in the plugin, enabling potential unauthorized file writes. The issue is documented across multiple sources (NVD/NVD-derived records...
CVE-2022-40200 WordPress wpForo Forum plugin <= 2.0.9 - Auth. Arbitrary File Upload vulnerability
Auth. subscriber+ Arbitrary File Upload vulnerability in wpForo Forum plugin = 2.0.9 on WordPress...
WordPress wpForo Forum plugin <= 2.0.9 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by dhakalananda Patchstack Alliance in WordPress wpForo Forum plugin versions = 2.0.9. Solution Update the WordPress wpForo Forum plugin to the latest available version at least 2.1.0...
CVE-2022-40632
Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...
CVE-2022-40205
Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...
CVE-2022-40205
Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...
Spoofing
Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public...
CVE-2022-40206 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability
Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public...
CVE-2022-40206
Summary (CVE-2022-40206) Insecure Direct Object References (IDOR) in the WordPress wpForo Forum plugin <= 2.0.5. Affected component: wpForo Forum plugin for WordPress. Root cause: IDOR allows users with subscriber or higher roles to change a forum post’s visibility to private/public. Impact: e...
CVE-2022-40205 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability
Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...
CVE-2022-40205 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability
Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...
CVE-2022-40205
The CVE-2022-40205 vulnerability concerns the WordPress wpForo Forum plugin, versions = 2.0.6) to resolve the issue.
CVE-2022-40632 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...
PT-2022-25282 · WordPress · Wpforo Forum
Name of the Vulnerable Software and Affected Versions: wpForo Forum plugin versions = 2.0.5 Description: The issue is related to an insecure direct object references IDOR vulnerability. This vulnerability allows attackers with subscriber or higher user roles to mark any forum post as solved or...
WordPress plugin wpForo Forum 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2022-25283 · WordPress · Wpforo Forum
Name of the Vulnerable Software and Affected Versions: wpForo Forum plugin versions = 2.0.5 Description: The issue is related to an insecure direct object references IDOR vulnerability. This vulnerability allows attackers with subscriber or higher user roles to mark any forum post as private or...
CVE-2022-38144
Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 at WordPress...
CVE-2022-38144
Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 at WordPress...
CVE-2022-38144 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 at WordPress...