8 matches found
CVE-2025-11740
The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager in all versions up to, and including, 2.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
EUVD-2025-37420
The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager in all versions up to, and including, 2.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-11740
The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager in all versions up to, and including, 2.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-11740 wpForo Forum <= 2.4.9 - Authenticated (Susbscriber+) SQL Injection
The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager in all versions up to, and including, 2.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-11740
CVE-2025-11740 affects WordPress plugin wpForo Forum,
PT-2025-44709
Name of the Vulnerable Software and Affected Versions wpForo Forum plugin for WordPress versions through 2.4.9 Description The wpForo Forum plugin for WordPress is susceptible to SQL Injection through the Subscriptions Manager. Insufficient escaping of user-supplied parameters and inadequate...
EUVD-2007-4895
Malware in sbrugna...
CVE-2007-4914
Unspecified vulnerability in the subscriptions manager in Invision Power Board IPB or IP.Board 2.3.1 before 20070912 allows remote authenticated users to change the member ID and reduce the privilege level of arbitrary users via a crafted payment form, related to 1 classgw2checkout.php, 2...