Show filters
44 Total Results
Displaying 41-44 of 44
Sort by:
Attacker Value
Unknown
CVE-2019-19110
Disclosure Date: June 15, 2020 (last updated February 21, 2025)
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.
0
Attacker Value
Unknown
CVE-2018-16613
Disclosure Date: June 19, 2019 (last updated November 27, 2024)
An issue was discovered in the update function in the wpForo Forum plugin before 1.5.2 for WordPress. A registered forum is able to escalate privilege to the forum administrator without any form of user interaction.
0
Attacker Value
Unknown
CVE-2018-11709
Disclosure Date: June 04, 2018 (last updated November 26, 2024)
wpforo_get_request_uri in wpf-includes/functions.php in the wpForo Forum plugin before 1.4.12 for WordPress allows Unauthenticated Reflected Cross-Site Scripting (XSS) via the URI.
0
Attacker Value
Unknown
CVE-2018-11515
Disclosure Date: May 28, 2018 (last updated November 26, 2024)
The wpForo plugin through 2018-02-05 for WordPress has SQL Injection via a search with the /forum/ wpfo parameter.
0