CVE-2026-32818

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

CVE-2026-32818

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

CVE-2026-32818 Admidio is Missing Authorization on Forum Topic and Post Deletion

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

CVE-2026-32818 Admidio is Missing Authorization on Forum Topic and Post Deletion

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

CVE-2026-32818 Admidio is Missing Authorization on Forum Topic and Post Deletion

Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perfo...

Admidio is Missing Authorization on Forum Topic and Post Deletion

Summary The forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perform no authorization check before calling delete. Any authenticated user with...

GHSA-G375-5WMP-XR78 Admidio is Missing Authorization on Forum Topic and Post Deletion

Summary The forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topicdelete and postdelete actions in forum.php only validate the CSRF token but perform no authorization check before calling delete. Any authenticated user with...

Missing Authorization

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Missing Authorization in the topicdelete and postdelete processes. An attacker can remove any forum topic, including all associated...

PT-2026-26173

Summary The forum module in Admidio does not verify whether the current user has permission to delete forum topics or posts. Both the topic delete and post delete actions in forum.php only validate the CSRF token but perform no authorization check before calling delete. Any authenticated user wit...

EUVD-2022-43906

Malicious code in bioql PyPI...

CVE-2025-30357

CVE-2025-30357 affects NamelessMC forum software. In versions ≤ 2.1.4, a malicious user posting spam across topics could trigger deletion of that user by an admin, which would cause all that user’s posts (and in turn related topics by unrelated users) to be marked as deleted. The issue has been p...

NamelessMC 安全漏洞

NamelessMC is a free, easy to use and powerful website software from the NamelessMC team. For your Minecraft server, which contains tons of features. A security vulnerability exists in NamelessMC 2.1.4 and earlier versions that stems from the fact that deleting a malicious account causes the...

CVE-2022-40632

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...

CVE-2022-40632

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...

CVE-2022-40632

CVE-2022-40632 details a Cross-Site Request Forgery (CSRF) in the gVectors Team wpForo Forum plugin for WordPress, version

CVE-2022-40632 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...

CVE-2022-40632 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in gVectors Team wpForo Forum plugin = 2.0.5 on WordPress leading to topic deletion...

PT-2022-25430 · Gvectors Team · Wpforo Forum

Name of the Vulnerable Software and Affected Versions: gVectors Team wpForo Forum plugin versions = 2.0.5 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that can lead to topic deletion. This occurs in the gVectors Team wpForo Forum plugin on WordPress. Recommendations:...

Vanilla Forums Cross-Site Request Forgery Vulnerability

Vanilla Forums is a Canadian company Vanilla Forums PHP-based open source forum program . A cross-site request forgery vulnerability exists in versions of Vanilla Forums prior to 2.1.5. A remote attacker can exploit this vulnerability to delete topics and comments on the forum...