Vulnerabilities > Gvectors > Wpforo > 1.6.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-15 | CVE-2019-19112 | Cross-site Scripting vulnerability in Gvectors Wpforo 1.6.5 The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php. | 4.3 |
| 2020-06-15 | CVE-2019-19111 | Cross-site Scripting vulnerability in Gvectors Wpforo 1.6.5 The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter. | 4.3 |
| 2020-06-15 | CVE-2019-19110 | Cross-site Scripting vulnerability in Gvectors Wpforo 1.6.5 The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter. | 3.5 |
| 2020-06-15 | CVE-2019-19109 | Cross-Site Request Forgery (CSRF) vulnerability in Gvectors Wpforo 1.6.5 The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF. | 6.8 |