Lucene search
K

319 matches found

Nuclei
Nuclei
added 8 hours ago77 views

wpForo Forum <= 2.1.8 - Cross-Site Scripting

The wpForo Forum plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpforodebug’ function in versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6.9AI score0.00838EPSS
Exploits1References4
Nuclei
Nuclei
added 8 hours ago41 views

wpForo Forum <= 2.4.14 - SQL Injection

wpForo Forum WordPress plugin = 2.4.14 contains a time-based SQL injection caused by insufficient escaping of the 'wpfob' parameter, letting unauthenticated attackers extract sensitive database information. id: CVE-2026-1581 info: name: wpForo Forum = 2.4.14 - SQL Injection author: Shivam Kamboj...

7.5CVSS6.1AI score0.01727EPSS
Exploits1References2
Nuclei
Nuclei
added 8 hours ago45 views

WordPress wpForo Forum < 1.9.7 - Open Redirect

WordPress wpForo Forum 1.9.7 is susceptible to an open redirect vulnerability because the plugin did not validate the redirectto parameter in the login form of the forum, leading to an open redirect issue after a successful login. id: CVE-2021-24406 info: name: WordPress wpForo Forum 1.9.7 - Open...

6.1CVSS6.4AI score0.03379EPSS
Exploits2References4
NVD
NVD
added 2026/06/26 3:16 p.m.10 views

CVE-2026-57636

Contributor SQL Injection in wpForo Forum = 3.0.9 versions...

8.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.34 views

CVE-2026-57636 WordPress wpForo Forum plugin <= 3.0.9 - SQL Injection vulnerability

Contributor SQL Injection in wpForo Forum = 3.0.9 versions...

8.5CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:53 p.m.21 views

CVE-2026-57636

CVE-2026-57636 describes a Contributor SQL Injection in the WordPress wpForo Forum plugin (versions ≤ 3.0.9). Affected will be the wpForo Forum component; root cause is unsafe SQL query construction that enables SQL injection. Impact per the entry’s metrics is high: CVSS 3.1 base score 8.5, Confi...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.6 views

EUVD-2026-39752

Contributor SQL Injection in wpForo Forum = 3.0.9 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:53 p.m.6 views

CVE-2026-57636

Contributor SQL Injection in wpForo Forum = 3.0.9 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/26 12:31 p.m.6 views

WordPress wpForo Forum plugin <= 3.0.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin wpForo Forum versions = 3.0.9...

8.5CVSS5.8AI score0.00211EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/17 6:35 p.m.12 views

EUVD-2026-37623

Unauthenticated Broken Authentication in wpForo Forum = 3.1.0 versions...

9.8CVSS5.2AI score0.00548EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.11 views

CVE-2026-49767

Unauthenticated Broken Authentication in wpForo Forum = 3.1.0 versions...

9.8CVSS0.00548EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.31 views

CVE-2026-49767 WordPress wpForo Forum plugin <= 3.1.0 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in wpForo Forum = 3.1.0 versions...

9.8CVSS0.00548EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2026-36977

Unauthenticated Broken Access Control in wpForo Forum 3.0.2 versions...

7.5CVSS5.1AI score0.00287EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:17 p.m.13 views

CVE-2026-49769

Unauthenticated PHP Object Injection in wpForo Forum = 3.1.0 versions...

9.8CVSS0.00383EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-40798

Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...

9.3CVSS0.00283EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.7 views

CVE-2026-40767

Unauthenticated Broken Access Control in wpForo Forum 3.0.2 versions...

7.5CVSS0.00287EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.28 views

CVE-2026-49769 WordPress wpForo Forum plugin <= 3.1.0 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in wpForo Forum = 3.1.0 versions...

9.8CVSS0.00383EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:18 p.m.9 views

EUVD-2026-36807

Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.33 views

CVE-2026-40798 WordPress wpForo Forum plugin <= 3.0.4 - SQL Injection vulnerability

Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...

9.3CVSS0.00283EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.23 views

CVE-2026-40798

WPForo Forum plugin for WordPress &lt;= 3.0.4 is affected by an unauthenticated SQL injection vulnerability. The CVE entry cites unauthenticated SQL Injection in wpForo Forum &lt;= 3.0.4, with CVSSv3.1 base score 9.3 (CRITICAL) and impact TIC: Confidentiality High, Availability Low, no privileges...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References1
Rows per page
Query Builder