Vulnerabilities > Gvectors > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-18 CVE-2023-49759 Unspecified vulnerability in Gvectors Woodiscuz - Woocommerce Comments
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team WooDiscuz – WooCommerce Comments.This issue affects WooDiscuz – WooCommerce Comments: from n/a through 2.3.0.
network
low complexity
gvectors
8.8
8.8
2023-11-30 CVE-2023-47870 Unspecified vulnerability in Gvectors Wpforo Forum
Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.
network
low complexity
gvectors
8.8
8.8
2023-11-22 CVE-2023-47775 Unspecified vulnerability in Gvectors Wpdiscuz
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.
network
low complexity
gvectors
8.8
8.8
2023-06-09 CVE-2023-2249 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Gvectors Wpforo Forum
The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7.
network
low complexity
gvectors CWE-829
8.8
8.8
2022-11-18 CVE-2022-43492 Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpdiscuz 7.4.2
Auth.
network
low complexity
gvectors CWE-639
8.8
8.8
2022-11-17 CVE-2022-40192 Cross-Site Request Forgery (CSRF) vulnerability in Gvectors Wpforo Forum
Cross-Site Request Forgery (CSRF) vulnerability in wpForo Forum plugin <= 2.0.9 on WordPress.
network
low complexity
gvectors CWE-352
8.8
8.8
2022-11-17 CVE-2022-40200 Unrestricted Upload of File with Dangerous Type vulnerability in Gvectors Wpforo Forum
Auth.
network
low complexity
gvectors CWE-434
8.8
8.8
2022-09-09 CVE-2022-38144 Unspecified vulnerability in Gvectors Wpforo Forum
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 at WordPress.
network
low complexity
gvectors
8.8
8.8
2022-02-21 CVE-2022-23984 Information Exposure vulnerability in Gvectors Wpdiscuz
Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).
network
low complexity
gvectors CWE-200
7.5
7.5
2020-06-15 CVE-2019-19109 Cross-Site Request Forgery (CSRF) vulnerability in Gvectors Wpforo 1.6.5
The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF.
network
low complexity
gvectors CWE-352
8.8
8.8