CVE

CVE-2023-47870

Severity:
HIGH
Type:
CWE-352 Cross-Site Request Forgery (CSRF)
Publication date:
30/11/2023
Last modified:
06/12/2023

Description

Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.<br /> <br />

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* 2.2.6 (including)


botón arriba