CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Vulnrichment•added 2024/08/26 4:6 p.m.•18 views

CVE-2024-43289 WordPress wpForo Forum plugin <= 2.3.4 - Unauthenticated Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4...

7.5CVSS6.9AI score0.00975EPSS

Exploits0References1

Patchstack•added 2024/08/16 12:0 a.m.•10 views

WordPress wpForo Forum Plugin <= 2.3.4 is vulnerable to Insecure Direct Object References (IDOR)

Software wpForo Forum Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.3.5 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-43288 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 84baf52495a3 Credits Ananda Dhakal...

8.1CVSS6.5AI score0.00092EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/08/16 12:0 a.m.•10 views

WordPress wpForo Forum Plugin <= 2.3.4 is vulnerable to Sensitive Data Exposure

Software wpForo Forum Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.3.5 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-43289 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID ac5555013147 Credits Ananda Dhakal Patchstack...

7.5CVSS6.6AI score0.00975EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/06/03 12:0 a.m.•7 views

WordPress wpForo Forum Plugin <= 2.3.3 is vulnerable to SQL Injection

Software wpForo Forum Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3200 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 101daf0caeac Credits Krzysztof Zając Required privilege Contributor...

9.9CVSS6.8AI score0.01029EPSS

Exploits0References3Affected Software1

Patchstack•added 2023/11/20 12:0 a.m.•21 views

WordPress wpForo Forum Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)

Software wpForo Forum Type Plugin Vulnerable versions = 2.2.3 Fixed in 2.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47872 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID da62b115c79c Credits Jesse McNeil Required privilege...

6.5CVSS6.8AI score0.00181EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/07/06 12:0 a.m.•7 views

WordPress wpForo Forum Plugin < 2.1.9 is vulnerable to Cross Site Scripting (XSS)

Software wpForo Forum Type Plugin Vulnerable versions 2.1.9 Fixed in 2.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2309 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID f15f5dd16590 Credits Alex Sanford Required privile...

6.1CVSS5.7AI score0.15248EPSS

Exploits1References4Affected Software1

CNVD•added 2020/06/16 12:0 a.m.•10 views

WordPress wpForo Forum plugin cross-site scripting vulnerability (CNVD-2021-24375)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wpForo Forum plugin is a forum plugin used in it. A cross-site scripting vulnerability exists in WordPress wpForo Forum...

4.8CVSS6.2AI score0.00186EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by