Vulnerabilities > Gvectors > Wpforo Forum > 2.3.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-28 | CVE-2025-0764 | Improper Input Validation vulnerability in Gvectors Wpforo Forum The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'update' method of the 'Members' class in all versions up to, and including, 2.4.1. | 6.5 |
| 2024-08-26 | CVE-2024-43289 | Unspecified vulnerability in Gvectors Wpforo Forum Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4. | 7.5 |
| 2024-08-18 | CVE-2024-43288 | Authorization Bypass Through User-Controlled Key vulnerability in Gvectors Wpforo Forum Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4. | 8.1 |
| 2024-06-01 | CVE-2024-3200 | SQL Injection vulnerability in Gvectors Wpforo Forum The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the 'slug' attribute of the 'wpforo' shortcode in all versions up to, and including, 2.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |