Vulnerabilities > Gvectors > Wpforo Forum

DATE CVE VULNERABILITY TITLE RISK
2022-09-09 CVE-2022-38144 Unspecified vulnerability in Gvectors Wpforo Forum
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 at WordPress.
network
low complexity
gvectors
8.8
2021-07-06 CVE-2021-24406 Unspecified vulnerability in Gvectors Wpforo Forum
The wpForo Forum WordPress plugin before 1.9.7 did not validate the redirect_to parameter in the login form of the forum, leading to an open redirect issue after a successful login.
network
low complexity
gvectors
6.1
2019-06-19 CVE-2018-16613 Unspecified vulnerability in Gvectors Wpforo Forum
An issue was discovered in the update function in the wpForo Forum plugin before 1.5.2 for WordPress.
network
low complexity
gvectors
critical
9.8
2018-06-04 CVE-2018-11709 Cross-site Scripting vulnerability in Gvectors Wpforo Forum
wpforo_get_request_uri in wpf-includes/functions.php in the wpForo Forum plugin before 1.4.12 for WordPress allows Unauthenticated Reflected Cross-Site Scripting (XSS) via the URI.
network
low complexity
gvectors CWE-79
6.1