Tomdever Wpforo Forum vulnerabilities
22 known vulnerabilities affecting tomdever/wpforo_forum.
Total CVEs: 22
CISA KEV: 0
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 4, HIGH 12, MEDIUM 6
Vulnerabilities
Page 1 of 2
CVE-2026-1581 | P1 | HIGH | CVSS 7.5 | Exploited | PoC | ≤ 2.4.14 | 2026-02-19
CWE-89: The wpForo Forum plugin for WordPress is vulnerable to time-based SQL Injection via the 'wpfob' parameter in all versions up to, and including, 2.4.14 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queri
Source: nvd

CVE-2023-2249 | P2 | HIGH | CVSS 8.8 | ≤ 2.1.7 | 2023-06-09
CWE-98: The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of file_get_contents without appropriate verification of the data being supplied to the function. This makes it possible for authenticated attackers, with
Source: nvd

CVE-2026-40798 | P2 | CRITICAL | CVSS 9.3 | ≥ n/a, ≤ 3.0.4 | 2026-06-15
CWE-89: Unauthenticated SQL Injection in wpForo Forum <= 3.0.4 versions.
Source: nvd

CVE-2026-49769 | P2 | CRITICAL | CVSS 9.8 | ≥ n/a, ≤ 3.1.0 | 2026-06-15
CWE-502: Unauthenticated PHP Object Injection in wpForo Forum <= 3.1.0 versions.
Source: nvd

CVE-2026-3666 | P2 | HIGH | CVSS 8.8 | ≤ 2.4.16 | 2026-04-04
CWE-22: The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber level access and above, to delete arbitrary files on the server by embedding a
Source: nvd

CVE-2026-0910 | P3 | HIGH | CVSS 8.8 | ≤ 2.4.13 | 2026-02-11
CWE-502: The wpForo Forum plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.13 via deserialization of untrusted input in the 'wpforo_display_array_data' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in t
Source: nvd

CVE-2026-57636 | P3 | HIGH | CVSS 8.5 | ≥ n/a, ≤ 3.0.9 | 2026-06-26
CWE-89: Contributor SQL Injection in wpForo Forum <= 3.0.9 versions.
Source: nvd

CVE-2026-6248 | P3 | HIGH | CVSS 8.1 | ≤ 3.0.5 | 2026-04-20
CWE-22: The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.5. This is due to two compounding flaws: the Members::update() method does not validate or restrict the value of file-type custom profile fields, allowing authenticated users to store an arbitrary path instead of a legitimate upload path; an
Source: nvd

CVE-2025-13126 | P3 | HIGH | CVSS 7.5 | ≤ 2.4.12 | 2025-12-14
CWE-89: The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the `post_args` and `topic_args` parameters in all versions up to, and including, 2.4.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append
Source: nvd

CVE-2026-42682 | P3 | CRITICAL | CVSS 9.1 | ≥ n/a, ≤ 3.0.6 | 2026-06-01
CWE-862: Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6.
Source: nvd

CVE-2025-4203 | P3 | HIGH | CVSS 7.5 | ≤ 2.4.8 | 2025-10-25
CWE-89: The wpForo Forum plugin for WordPress is vulnerable to error-based or time-based SQL Injection via the get_members() function in all versions up to, and including, 2.4.8 due to missing integer validation on the 'offset' and 'row_count' parameters. The function blindly interpolates 'row_count' into a 'LIMIT offset,row_count' clause using esc_sql() rather
Source: nvd

CVE-2026-40767 | P3 | HIGH | CVSS 7.5 | ≥ n/a, < 3.0.2 | 2026-06-15
CWE-281: Unauthenticated Broken Access Control in wpForo Forum < 3.0.2 versions.
Source: nvd

CVE-2025-31420 | P3 | HIGH | CVSS 7.6 | ≤ 2.4.2 | 2025-04-04
CWE-266: Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation. This issue affects wpForo Forum: from n/a through <= 2.4.2.
Source: nvd

CVE-2025-66070 | P3 | HIGH | CVSS 7.5 | ≤ 2.4.10 | 2025-12-18
CWE-862: Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through <= 2.4.10.
Source: nvd

CVE-2026-5809 | P3 | HIGH | CVSS 7.1 | ≤ 3.0.2 | 2026-04-11
CWE-73: The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topic_add() and topic_edit() action handlers accept arbitrary user-supplied data[*] arrays from $_REQUEST and store them as postmeta without restricting which fields may contain array values. Beca
Source: nvd

CVE-2025-11740 | P3 | MEDIUM | CVSS 6.5 | ≤ 2.4.9 | 2025-11-01
CWE-89: The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager in all versions up to, and including, 2.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and ab
Source: nvd

CVE-2024-3200 | P3 | MEDIUM | CVSS 6.5 | ≤ 2.3.3 | 2024-06-01
CWE-89: The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the 'slug' attribute of the 'wpforo' shortcode in all versions up to, and including, 2.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor
Source: nvd

CVE-2026-4666 | P3 | MEDIUM | CVSS 6.5 | ≤ 2.4.16 | 2026-04-17
CWE-862: The wpForo Forum plugin for WordPress is vulnerable to unauthorized modification of data due to the use of `extract($args, EXTR_OVERWRITE)` on user-controlled input in the `edit()` method of `classes/Posts.php` in all versions up to, and including, 2.4.16. The `post_edit` action handler in `Actions.php` passes `$_REQUEST['post']` directly to `Posts::ed
Source: nvd

CVE-2025-0764 | P3 | MEDIUM | CVSS 6.5 | ≤ 2.4.1 | 2025-02-28
CWE-20: The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'update' method of the 'Members' class in all versions up to, and including, 2.4.1. This makes it possible for authenticated attackers, with subscriber-level privileges or higher, to read arbitrary files on the server.
Source: nvd

CVE-2025-4406 | P4 | MEDIUM | CVSS 5.4 | ≤ 2.4.5 | 2025-07-10
CWE-79: The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will exe
Source: nvd