Vulnerabilities > Gvectors > Wpforo Forum > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-47870 | Missing Authorization vulnerability in Gvectors Wpforo Forum Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6. | 8.8 |
| 2023-06-09 | CVE-2023-2249 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Gvectors Wpforo Forum The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. | 8.8 |
| 2022-11-17 | CVE-2022-40192 | Cross-Site Request Forgery (CSRF) vulnerability in Gvectors Wpforo Forum Cross-Site Request Forgery (CSRF) vulnerability in wpForo Forum plugin <= 2.0.9 on WordPress. | 8.8 |
| 2022-11-17 | CVE-2022-40200 | Unrestricted Upload of File with Dangerous Type vulnerability in Gvectors Wpforo Forum Auth. | 8.8 |
| 2019-06-19 | CVE-2018-16613 | Unspecified vulnerability in Gvectors Wpforo Forum An issue was discovered in the update function in the wpForo Forum plugin before 1.5.2 for WordPress. | 7.5 |