Vulnerabilities > Gvectors > Wpforo Forum > 2.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-30 | CVE-2023-47870 | Missing Authorization vulnerability in Gvectors Wpforo Forum Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6. | 8.8 |
2023-11-30 | CVE-2023-47872 | Cross-site Scripting vulnerability in Gvectors Wpforo Forum Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gVectors Team wpForo Forum allows Stored XSS.This issue affects wpForo Forum: from n/a through 2.2.3. | 5.4 |