wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to close or reopen any forum topic via the wpforo_close_ajax handler. Attackers submit a valid
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to approve or unapprove any forum post via the wpforo_approve_ajax AJAX handler. Attackers expl
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to move, merge, or split any forum topic via the topic_move, topic_merge, and topic_split form
wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforo_synch_roles AJAX handler. Attackers a
Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects wpForo Forum: from n/a through 3.0.6.
Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through <= 2.4.10.
Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4.
Unauthenticated Broken Access Control in wpForo Forum < 3.0.2 versions.
wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers reque
The wpForo Forum plugin for WordPress is vulnerable to unauthorized modification of data due to the use of `extract($args, EXTR_OVERWRITE)` on user-controlled input in the `edit()` method of `classes/
Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 versions.
Missing Authorization vulnerability in Ultimate Member ForumWP forumwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ForumWP: from n/a through <= 2.1.4.
Authorization Bypass Through User-Controlled Key vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum:
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4.
Missing Authorization vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebinarPress: from n/a t
Missing Authorization vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebinarPress: from n/a t
The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'update' method of the 'Members' class in all versions up to, and including, 2.4.
The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.94. This is due to missing nonce validation on the change_password() function o
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation.This issue affects wpForo Forum: from n/a through <= 2.4.2.
Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through <= 1.2.13.
Page 1+ Next →