
Live Vulnerability Intelligence

Threat Database


Total: 23 entries (Critical 1, High 10, Medium 12)
Showing 1-20 of 23 records
Threat Entry Updated 2026-04-13

CVE-2026-5809 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topic_add() and topic_edit() action handlers accept arbitrary user-supplied data[*] arrays from $_REQUEST and store them as postmeta without restricting which fields may contain array values. Because 'body' is included in the allowed topic fields list, an attacker can supply data[body][fileurl] with an arbitrary file path (e.g., wp-config.php or an absolute server path). This poisoned fileurl is persisted to the plugin's custom postmeta…

Plugin: wpForo Forum | CVE-2026-5809 | HIGH (CVSS 7.1) | 2026-04-11

Threat Entry Updated 2026-04-07

CVE-2026-3666 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber level access and above, to delete arbitrary files on the server by embedding a crafted path traversal string in a forum post body and then deleting the post.

Plugin: wpForo Forum | CVE-2026-3666 | HIGH (CVSS 8.8) | 2026-04-04

Threat Entry Updated 2026-03-05

CVE-2026-28562 - wpForo Forum Plugin

wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payloads to perform blind boolean extraction of credentials from the WordPress database.

Plugin: wpForo Forum | CVE-2026-28562 | HIGH (CVSS 8.8) | 2026-02-28

Threat Entry Updated 2026-03-02

CVE-2026-28561 - wpForo Forum Plugin

wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows administrators to inject persistent JavaScript via forum description fields echoed without output escaping across multiple theme template files. On multisite installations or with a compromised admin account, attackers set a forum description containing HTML event handlers that execute when any user views the forum listing.

Plugin: wpForo Forum | CVE-2026-28561 | MEDIUM (CVSS 4.8) | 2026-02-28

Threat Entry Updated 2026-03-02

CVE-2026-28560 - wpForo Forum Plugin

wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows script injection via forum URL data output into an inline script block using json_encode without the JSON_HEX_TAG flag. Attackers set a forum slug containing a closing script tag or unescaped single quote to break out of the JavaScript string context and execute arbitrary script in all visitors' browsers.

Plugin: wpForo Forum | CVE-2026-28560 | MEDIUM (CVSS 4.8) | 2026-02-28

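The two stored XSS entries above (CVE-2026-28561 in an HTML context, CVE-2026-28560 in an inline script context) are both output-escaping bugs, and the fix differs by context. The block below is an added example, not wpForo's template code; the function names are illustrative. It shows the raw echo beside esc_html() for HTML, and plain json_encode() beside the JSON_HEX_* flags for a script block, plus a small check that can run outside WordPress.

```php
<?php
// Added example, not wpForo's code. Function names are illustrative.

// HTML body context (CVE-2026-28561 shape): a forum description echoed raw
// lets a stored value such as  <img src=x onerror=alert(document.domain)>
// run for every visitor of the forum list. esc_html() converts < > & " '
// to entities, so the browser renders the text instead of parsing it.
function render_forum_description_weak(string $description): string {
    return '<div class="wpf-desc">' . $description . '</div>';
}

function render_forum_description_hardened(string $description): string {
    return '<div class="wpf-desc">' . esc_html($description) . '</div>';
}

// Inline <script> context (CVE-2026-28560 shape). json_encode() yields a
// valid JavaScript string literal, but the HTML tokenizer runs before the
// JS engine and knows nothing about JS escaping. By default json_encode()
// leaves < and > untouched (only / becomes \/), so a raw "<" in the value
// reaches the page and can change how the tokenizer reads the rest of the
// script element ("</script" when slashes are unescaped, "<!--" otherwise).
function inline_config_weak(string $slug): string {
    return '<script>var wpfSlug = ' . json_encode($slug) . ';</script>';
}

// With the JSON_HEX_* flags the characters < > & ' " are emitted as \u003C
// and friends. The JS engine still decodes them to the original string, but
// no HTML tag or attribute delimiter can ever appear in the markup.
function inline_config_hardened(string $slug): string {
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    // wp_json_encode() is WordPress's wrapper; plain json_encode($slug, $flags)
    // behaves the same outside WordPress.
    return '<script>var wpfSlug = ' . wp_json_encode($slug, $flags) . ';</script>';
}

// Boundary check that runs without WordPress: true when the encoded form of
// $value still contains a raw angle bracket. Use it in a unit test over
// every template that builds inline script from stored data.
function encoded_has_raw_angle_bracket(string $value, int $flags = 0): bool {
    return strpbrk(json_encode($value, $flags), '<>') !== false;
}
```

The flag set matters: JSON_HEX_TAG alone covers the script-breakout case, but the same encoded value is often dropped into an attribute or an event handler elsewhere, and JSON_HEX_APOS/JSON_HEX_QUOT/JSON_HEX_AMP close those contexts too.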
Threat Entry Updated 2026-03-04

CVE-2026-28557 - wpForo Forum Plugin

wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforo_synch_roles AJAX handler. Attackers access the usergroups admin page, accessible to any authenticated user, to obtain a nonce, then remap all wpForo usergroups to arbitrary WordPress roles.

Plugin: wpForo Forum | CVE-2026-28557 | HIGH (CVSS 7.1) | 2026-02-28

Threat Entry Updated 2026-03-02

CVE-2026-28559 - wpForo Forum Plugin

wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID parameter, bypassing the privacy and status WHERE clauses that are only applied when a specific forum ID is present in the query.

Plugin: wpForo Forum | CVE-2026-28559 | MEDIUM (CVSS 6.9) | 2026-02-28

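The RSS entry above is a query-construction bug rather than an injection: the visibility predicates are attached inside the "forum id given" branch, so the global feed never receives them. The block below is an added example, not wpForo's feed code. It contrasts that shape with a builder that applies the visibility predicate unconditionally and adds the forum filter on top. The table name, column names and the meaning of status 0 (assumed here to be "approved") are assumptions.

```php
<?php
// Added example, not wpForo's code. Table and column names are assumptions;
// status = 0 is assumed to mean "approved".

// Weak pattern (CVE-2026-28559 shape): privacy and status filters live only
// in the forum-specific branch. With no forumid the WHERE clause is absent
// and private plus unapproved topics are returned to anyone.
function feed_topics_weak(wpdb $wpdb, int $forumid = 0): array {
    $sql = "SELECT topicid, title FROM {$wpdb->prefix}wpforo_topics";
    if ($forumid > 0) {
        $sql .= $wpdb->prepare(
            " WHERE forumid = %d AND private = 0 AND status = 0",
            $forumid
        );
    }
    return $wpdb->get_results($sql, ARRAY_A);
}

// Hardened: the visibility predicate is part of every query; the forum
// filter is an additional AND. Collect predicates first, then join them, so
// no code path can emit the SELECT without the baseline restriction.
function feed_topics_hardened(wpdb $wpdb, int $forumid = 0): array {
    $where = ['private = 0', 'status = 0'];   // always applied
    $args  = [];
    if ($forumid > 0) {
        $where[] = 'forumid = %d';
        $args[]  = $forumid;
    }
    $sql = "SELECT topicid, title FROM {$wpdb->prefix}wpforo_topics WHERE "
         . implode(' AND ', $where);
    if ($args) {
        // prepare() is only called when there are placeholders to fill.
        $sql = $wpdb->prepare($sql, ...$args);
    }
    return $wpdb->get_results($sql, ARRAY_A);
}
```

The same structure generalises to any "list" endpoint: the baseline predicate belongs to the base query, not to whichever branch happened to be written first.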
Threat Entry Updated 2026-03-02

CVE-2026-28556 - wpForo Forum Plugin

wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to move, merge, or split any forum topic via the topic_move, topic_merge, and topic_split form action handlers. Attackers with a valid form nonce can reorganize arbitrary forum content without moderator permissions, including relocating topics to private forums.

Plugin: wpForo Forum | CVE-2026-28556 | MEDIUM (CVSS 5.3) | 2026-02-28

Threat Entry Updated 2026-03-02

CVE-2026-28555 - wpForo Forum Plugin

wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to close or reopen any forum topic via the wpforo_close_ajax handler. Attackers submit a valid nonce with an arbitrary topic ID to bypass the moderator permission requirement and disrupt forum discussions.

Plugin: wpForo Forum | CVE-2026-28555 | MEDIUM (CVSS 5.3) | 2026-02-28

Threat Entry Updated 2026-03-02

CVE-2026-28558 - wpForo Forum Plugin

wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows authenticated subscribers to upload SVG files as profile avatars through the avatar upload functionality. Attackers upload a crafted SVG containing CSS injection or JavaScript event handlers that execute in the browsers of any user who views the attacker's profile page.

Plugin: wpForo Forum | CVE-2026-28558 | MEDIUM (CVSS 5.1) | 2026-02-28

Threat Entry Updated 2026-03-02

CVE-2026-28554 - wpForo Forum Plugin

wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to approve or unapprove any forum post via the wpforo_approve_ajax AJAX handler. Attackers exploit the nonce-only check by submitting a valid nonce with an arbitrary post ID to bypass moderation controls entirely.

Plugin: wpForo Forum | CVE-2026-28554 | MEDIUM (CVSS 5.3) | 2026-02-28

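Four entries in this batch (CVE-2026-28554, 28555, 28556 and 28557) describe the same handler shape: an AJAX action that verifies a nonce and nothing else. A nonce is a CSRF token; it proves the request was built from a page the site served to some logged-in user and says nothing about that user's rights over the target object. The block below is an added example, not wpForo's handler code. It shows the nonce-only handler beside one that adds an object-level moderation check, and a site-wide action gated on a capability. The nonce action names, the wpforo_posts table and the user-meta key holding moderated forums are assumptions.

```php
<?php
// Added example, not wpForo's code. Nonce action names, the
// wpforo_posts table and the user-meta key are assumptions.

// Weak pattern shared by CVE-2026-28554/28555/28556/28557: the handler
// checks only the nonce, so any subscriber who can load a forum page can
// approve, close, move or merge any post.
function approve_post_ajax_weak(): void {
    check_ajax_referer('wpforo_ajax', '_wpfnonce');
    $postid = absint($_POST['postid'] ?? 0);
    set_post_status($postid, 1);
    wp_send_json_success();
}

// Hardened: nonce (CSRF) + login + object-level permission ("does this user
// moderate the forum this post lives in?"). wp_send_json_error() calls
// wp_die(), so the write below it is never reached on failure.
function approve_post_ajax_hardened(): void {
    check_ajax_referer('wpforo_ajax', '_wpfnonce');
    $postid = absint($_POST['postid'] ?? 0);
    if ($postid === 0) {
        wp_send_json_error('invalid post id', 400);
    }
    if (!is_user_logged_in() || !user_can_moderate_post(get_current_user_id(), $postid)) {
        wp_send_json_error('forbidden', 403);
    }
    set_post_status($postid, 1);
    wp_send_json_success();
}

// Object-level check. Site administrators pass via a core capability; other
// users must be listed as moderators of the post's forum. Where that list is
// stored is plugin-specific; user meta is assumed here.
function user_can_moderate_post(int $userid, int $postid): bool {
    global $wpdb;
    if (user_can($userid, 'manage_options')) {
        return true;
    }
    $forumid = (int) $wpdb->get_var($wpdb->prepare(
        "SELECT forumid FROM {$wpdb->prefix}wpforo_posts WHERE postid = %d",
        $postid
    ));
    if ($forumid === 0) {
        return false;
    }
    $moderated = array_map('intval', (array) get_user_meta($userid, 'wpforo_moderated_forums', true));
    return in_array($forumid, $moderated, true);
}

// Minimal status write used by both handlers above (assumed schema).
function set_post_status(int $postid, int $status): void {
    global $wpdb;
    $wpdb->update("{$wpdb->prefix}wpforo_posts", ['status' => $status], ['postid' => $postid], ['%d'], ['%d']);
}

// Site-wide actions such as the bulk role-to-usergroup sync (CVE-2026-28557)
// need a site-level capability in addition to the nonce; no per-object check
// can substitute for it.
function synch_roles_ajax_hardened(): void {
    check_ajax_referer('wpforo_synch_roles', '_wpfnonce');
    if (!current_user_can('manage_options')) {
        wp_send_json_error('forbidden', 403);
    }
    // remap usergroups here
    wp_send_json_success();
}
```

A quick audit heuristic for a plugin of this kind: grep every wp_ajax_ callback for check_ajax_referer or wp_verify_nonce and confirm that a current_user_can or equivalent object-level check follows within the same function; a nonce check with no capability check after it is exactly the pattern these four entries describe.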
Threat Entry Updated 2026-04-15

CVE-2026-1581 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to time-based SQL Injection via the 'wpfob' parameter in all versions up to, and including, 2.4.14 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: wpForo Forum | CVE-2026-1581 | HIGH (CVSS 7.5) | 2026-02-19

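CVE-2026-28562 and CVE-2026-1581 both concern the 'wpfob' ORDER BY parameter, and the mechanism is worth spelling out: esc_sql() escapes quote characters so that a value is safe inside a quoted literal, but an ORDER BY target is an identifier and is never quoted, so a payload that contains no quote character passes through unchanged. The block below is an added example, not wpForo's Topics::get_topics() code. It shows the esc_sql()-only builder beside one that maps the public parameter onto a fixed column list and pushes values through $wpdb->prepare(), which is also the remedy for the generic "insufficient escaping" SQL injection entries lower on this page. The table and column names are assumptions.

```php
<?php
// Added example, not wpForo's code. Table and column names are assumptions.

// Weak pattern (CVE-2026-28562 / CVE-2026-1581 shape): esc_sql() protects a
// quoted literal. An ORDER BY target is never quoted, so a quote-free payload
// such as
//   wpfob=(CASE WHEN ASCII(SUBSTR((SELECT user_pass FROM wp_users WHERE ID=1),1,1))=36 THEN topicid ELSE title END)
// is interpolated verbatim and the resulting sort order (or, with SLEEP(),
// the response time) becomes a one-bit oracle per request.
function topics_sql_weak(wpdb $wpdb, string $orderby, string $order): string {
    $orderby = esc_sql($orderby);
    $order   = esc_sql($order);
    return "SELECT topicid, title FROM {$wpdb->prefix}wpforo_topics ORDER BY $orderby $order";
}

// Hardened: the identifier comes from a fixed map keyed by the public
// parameter value and is never taken from input; the direction is a
// two-value allowlist; values (here the forum id) go through prepare().
// Unknown input falls back to the default sort instead of erroring, so
// existing links keep working.
const TOPIC_SORT_COLUMNS = [
    'title'   => 'title',
    'created' => 'created',
    'posts'   => 'posts',
];

function topics_sql_hardened(wpdb $wpdb, string $orderby, string $order, int $forumid): string {
    $col = TOPIC_SORT_COLUMNS[$orderby] ?? 'created';
    $dir = strtoupper($order) === 'ASC' ? 'ASC' : 'DESC';
    // Backticks are belt and braces; the allowlist is what prevents injection.
    return $wpdb->prepare(
        "SELECT topicid, title FROM {$wpdb->prefix}wpforo_topics WHERE forumid = %d ORDER BY `$col` $dir",
        $forumid
    );
}
```

The rule of thumb that follows from this: prepare() and esc_sql() are for values; identifiers (columns, tables, sort direction) are selected from code-owned constants, never escaped user strings.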
Threat Entry Updated 2026-04-15

CVE-2026-0910 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.13 via deserialization of untrusted input in the 'wpforo_display_array_data' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed…

Plugin: wpForo Forum | CVE-2026-0910 | HIGH (CVSS 8.8) | 2026-02-11

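The object injection entry above is the classic unserialize() sink: harmless in isolation, exploitable the moment any other plugin or theme on the site ships a class with a usable __wakeup() or __destruct(). The block below is an added example, not the plugin's wpforo_display_array_data function. It shows the bare unserialize() beside the two standard remedies, refusing class instantiation and switching the wire format to JSON, plus a small detector that flags serialized blobs carrying object tokens at the input boundary. The function names are assumptions.

```php
<?php
// Added example, not wpForo's code. Function names are assumptions.

// Weak pattern (CVE-2026-0910 shape): user-controlled data reaches
// unserialize(). Even with no gadget ("POP") chain in this plugin, every
// class with a magic method anywhere in the install becomes reachable.
// A probe like  O:8:"stdClass":0:{}  already proves the sink exists.
function display_array_data_weak(string $raw): array {
    $data = unserialize($raw);
    return is_array($data) ? $data : [];
}

// Hardened, option 1: refuse to instantiate any class. PHP 7+ accepts an
// allowed_classes option; false turns every object into
// __PHP_Incomplete_Class, so no __wakeup()/__destruct() of a real class runs.
function display_array_data_safer(string $raw): array {
    $data = @unserialize($raw, ['allowed_classes' => false]);
    return is_array($data) ? $data : [];
}

// Hardened, option 2 (preferred for new code): do not use PHP serialization
// for data that crosses a trust boundary. JSON cannot express objects with
// behaviour, so there is nothing to chain; the depth limit bounds nesting.
function display_array_data_json(string $raw): array {
    $data = json_decode($raw, true, 32);
    return is_array($data) ? $data : [];
}

// Detection helper: true when a serialized blob contains an object or
// custom-serialized token. Useful for logging at the boundary while the
// sink is being replaced; not a substitute for removing it.
function serialized_contains_object(string $raw): bool {
    return (bool) preg_match('/(^|[;{])[OC]:\d+:"/', $raw);
}
```

Option 1 is the right emergency patch for legacy data that is genuinely stored in PHP serialized form; option 2 is where the code should end up.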
Threat Entry Updated 2025-12-15

CVE-2025-13126 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the `post_args` and `topic_args` parameters in all versions up to, and including, 2.4.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: wpForo Forum | CVE-2025-13126 | HIGH (CVSS 7.5) | 2025-12-14

Threat Entry Updated 2025-11-04

CVE-2025-11740 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the Subscriptions Manager in all versions up to, and including, 2.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: wpForo Forum | CVE-2025-11740 | MEDIUM (CVSS 6.5) | 2025-11-01

Threat Entry Updated 2025-10-27

CVE-2025-4203 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to error-based or time-based SQL Injection via the get_members() function in all versions up to, and including, 2.4.8 due to missing integer validation on the 'offset' and 'row_count' parameters. The function blindly interpolates 'row_count' into a 'LIMIT offset,row_count' clause using esc_sql() rather than enforcing numeric values. MySQL 5.x's grammar allows a 'PROCEDURE ANALYSE' clause immediately after a LIMIT clause. Unauthenticated attackers controlling 'row_count' can append such a PROCEDURE clause, enabling error-based or time-based blind SQL injection that can be used to extract sensitive…

Plugin: wpForo Forum | CVE-2025-4203 | HIGH (CVSS 7.5) | 2025-10-25

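The get_members() entry above is the numeric cousin of the ORDER BY problem: a LIMIT operand is not a quoted literal either, so esc_sql() has nothing to escape in "10 PROCEDURE ANALYSE(...)". The block below is an added example, not wpForo's get_members() code. It shows the esc_sql()-then-interpolate builder beside one that coerces both operands to bounded integers before prepare() places them. The table and column names are assumptions.

```php
<?php
// Added example, not wpForo's code. Table and column names are assumptions.

// Weak pattern (CVE-2025-4203 shape): row_count is escaped with esc_sql()
// and dropped into LIMIT. esc_sql() only protects quoted literals, and a
// value such as "10 PROCEDURE ANALYSE(...)" contains no quote, so on MySQL
// 5.x the grammar accepts the extra clause after LIMIT. (PROCEDURE ANALYSE
// was removed in MySQL 8.0, which is why the entry is scoped to 5.x.)
function members_sql_weak(wpdb $wpdb, string $offset, string $row_count): string {
    $offset    = esc_sql($offset);
    $row_count = esc_sql($row_count);
    return "SELECT userid, display_name FROM {$wpdb->prefix}wpforo_profiles LIMIT $offset,$row_count";
}

// Hardened: coerce to non-negative integers before the query is built and
// let prepare() place them with %d. A cap on row_count also stops an
// unauthenticated caller from pulling the whole table in one request.
function members_sql_hardened(wpdb $wpdb, $offset, $row_count, int $max_rows = 100): string {
    $offset    = absint($offset);
    $row_count = min(max(absint($row_count), 1), $max_rows);
    return $wpdb->prepare(
        "SELECT userid, display_name FROM {$wpdb->prefix}wpforo_profiles LIMIT %d, %d",
        $offset,
        $row_count
    );
}
```

absint() is the WordPress helper that casts to int and takes the absolute value; because it runs before the string is assembled, anything after the leading digits of the attacker's input is simply discarded.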
Threat Entry Updated 2025-07-10

CVE-2025-4406 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

Plugin: wpForo Forum | CVE-2025-4406 | MEDIUM (CVSS 5.4) | 2025-07-10

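Two entries on this page (CVE-2026-28558 and CVE-2025-4406) are SVG avatar uploads. SVG is XML, so a file that the upload code treats as an image can carry script, on* event handlers, embedded HTML via foreignObject, or CSS that leaks data through url() requests; served inline from the site's origin it runs with the site's cookies. The block below is an added example, not wpForo's avatar code. It contrasts an extension-trusting upload with one that allows only raster formats, verifies the claimed type against file content twice, and stores the file under a server-chosen name. The helper names and the destination layout are assumptions.

```php
<?php
// Added example, not wpForo's code. Helper names and the destination
// layout are assumptions.

// Weak pattern (CVE-2026-28558 / CVE-2025-4406 shape): whatever the client
// names the file is written to disk under that name, SVG included.
function avatar_upload_weak(array $file, string $dest_dir): ?string {
    $name = basename($file['name']);
    $dest = rtrim($dest_dir, '/') . '/' . $name;
    return move_uploaded_file($file['tmp_name'], $dest) ? $dest : null;
}

// Raster formats only. The keys are extensions in WordPress's mime-map
// format; SVG is deliberately absent, so it cannot pass the first check.
const AVATAR_ALLOWED_MIMES = [
    'jpg|jpeg' => 'image/jpeg',
    'png'      => 'image/png',
    'gif'      => 'image/gif',
    'webp'     => 'image/webp',
];

function avatar_upload_hardened(array $file, string $dest_dir, int $userid): ?string {
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    // wp_check_filetype_and_ext() checks the extension against the allowlist
    // and sniffs the content for image types; a renamed SVG fails both.
    $check = wp_check_filetype_and_ext($file['tmp_name'], $file['name'], AVATAR_ALLOWED_MIMES);
    if (empty($check['ext']) || empty($check['type'])) {
        return null;
    }
    // Independent second signal: getimagesize() must parse it as a raster
    // whose detected MIME type matches the one the extension claims.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || ($info['mime'] ?? '') !== $check['type']) {
        return null;
    }
    // Server-chosen name and extension; the client's filename never reaches
    // the filesystem, which also closes traversal through the name.
    $dest = rtrim($dest_dir, '/') . '/avatar-' . $userid . '.' . $check['ext'];
    return move_uploaded_file($file['tmp_name'], $dest) ? $dest : null;
}
```

If SVG avatars are a product requirement, the right shape is different: sanitise with a dedicated SVG sanitiser and serve the files from a separate origin with Content-Security-Policy: sandbox, rather than accepting them into the main upload tree.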
Threat Entry Updated 2025-03-06

CVE-2025-0764 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'update' method of the 'Members' class in all versions up to, and including, 2.4.1. This makes it possible for authenticated attackers, with subscriber-level privileges or higher, to read arbitrary files on the server.

Plugin: wpForo Forum | CVE-2025-0764 | MEDIUM (CVSS 6.5) | 2025-02-28

Threat Entry Updated 2025-02-07

CVE-2024-3200 - wpForo Forum Plugin

The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the 'slug' attribute of the 'wpforo' shortcode in all versions up to, and including, 2.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Plugin: wpForo Forum | CVE-2024-3200 | CRITICAL (CVSS 9.9) | 2024-06-01

Threat Entry Updated 2024-11-21

CVE-2023-2309 - wpForo Forum Plugin

The wpForo Forum WordPress plugin before 2.1.9 does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability.

Plugin: wpForo Forum | CVE-2023-2309 | MEDIUM (CVSS 6.1) | 2023-07-24