Vulnerabilities > Gvectors > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-15 CVE-2019-19111 Cross-site Scripting vulnerability in Gvectors Wpforo 1.6.5
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter.
network
low complexity
gvectors CWE-79
6.1
6.1
2020-06-15 CVE-2019-19110 Cross-site Scripting vulnerability in Gvectors Wpforo 1.6.5
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.
network
low complexity
gvectors CWE-79
4.8
4.8
2018-06-04 CVE-2018-11709 Cross-site Scripting vulnerability in Gvectors Wpforo Forum
wpforo_get_request_uri in wpf-includes/functions.php in the wpForo Forum plugin before 1.4.12 for WordPress allows Unauthenticated Reflected Cross-Site Scripting (XSS) via the URI.
network
low complexity
gvectors CWE-79
6.1
6.1