Vulnerabilities > Gvectors

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-20	CVE-2023-3869	Missing Authorization vulnerability in Gvectors Wpdiscuz The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the voteOnComment function in versions up to, and including, 7.6.3. network low complexity gvectors CWE-862	5.3
2023-10-20	CVE-2023-3998	Missing Authorization vulnerability in Gvectors Wpdiscuz The wpDiscuz plugin for WordPress is vulnerable to unauthorized modification of data due to a missing authorization check on the userRate function in versions up to, and including, 7.6.3. network low complexity gvectors CWE-862	5.3
2023-07-24	CVE-2023-2309	Unspecified vulnerability in Gvectors Wpforo Forum The wpForo Forum WordPress plugin before 2.1.9 does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability. network low complexity gvectors	6.1
2023-06-19	CVE-2023-33213	Cross-site Scripting vulnerability in Gvectors Wpview Auth. network low complexity gvectors CWE-79	4.8
2023-06-09	CVE-2023-2249	Inclusion of Functionality from Untrusted Control Sphere vulnerability in Gvectors Wpforo Forum The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. network low complexity gvectors CWE-829	8.8
2023-05-28	CVE-2023-33216	Cross-site Scripting vulnerability in Gvectors Woodiscuz - Woocommerce Comments Auth. network low complexity gvectors CWE-79	4.8
2022-11-18	CVE-2022-43492	Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpdiscuz 7.4.2 Auth. network low complexity gvectors CWE-639	8.8
2022-11-17	CVE-2022-40192	Cross-Site Request Forgery (CSRF) vulnerability in Gvectors Wpforo Forum Cross-Site Request Forgery (CSRF) vulnerability in wpForo Forum plugin <= 2.0.9 on WordPress. network low complexity gvectors CWE-352	8.8
2022-11-17	CVE-2022-40200	Unrestricted Upload of File with Dangerous Type vulnerability in Gvectors Wpforo Forum Auth. network low complexity gvectors CWE-434	8.8
2022-11-08	CVE-2022-40205	Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpforo Forum Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved. network low complexity gvectors CWE-639	4.3

Vulnerabilities > Gvectors {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Gvectors"}]}

Vulnerabilities > Gvectors