RSS   Vulnerabilities for 'Wpforo'   RSS

2020-06-15
 
CVE-2019-19112

CWE-79
 

 
The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php.

 
 
CVE-2019-19111

CWE-79
 

 
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter.

 
 
CVE-2019-19110

CWE-79
 

 
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s parameter.

 
 
CVE-2019-19109

CWE-352
 

 
The wpForo plugin 1.6.5 for WordPress allows wp-admin/admin.php?page=wpforo-usergroups CSRF.

 
2018-05-28
 
CVE-2018-11515

CWE-89
 

 
The wpForo plugin through 2018-02-05 for WordPress has SQL Injection via a search with the /forum/ wpfo parameter.

 

 >>> Vendor: Gvectors 3 Products
Wpforo
Wpforo forum
Wpdiscuz


Copyright 2024, cxsecurity.com

 

Back to Top