The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of file_get_contents without appropriate verification of the data being supplied to the function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to retrieve the contents of files like wp-config.php hosted on the system, perform a deserialization attack and possibly achieve remote code execution, and make requests to internal services.
References
Configurations
History
21 Nov 2024, 07:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://plugins.trac.wordpress.org/browser/wpforo/tags/2.1.7/classes/Actions.php#L444 - Patch | |
References | () https://plugins.trac.wordpress.org/browser/wpforo/tags/2.1.8/classes/Actions.php#L437 - Patch | |
References | () https://www.wordfence.com/threat-intel/vulnerabilities/id/800fa098-b29f-4979-b7bd-b1186a4dafcb?source=cve - Third Party Advisory |
16 Jun 2023, 14:18
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-918 CWE-829 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
First Time |
Gvectors
Gvectors wpforo Forum |
|
References | (MISC) https://plugins.trac.wordpress.org/browser/wpforo/tags/2.1.7/classes/Actions.php#L444 - Patch | |
References | (MISC) https://plugins.trac.wordpress.org/browser/wpforo/tags/2.1.8/classes/Actions.php#L437 - Patch | |
References | (MISC) https://www.wordfence.com/threat-intel/vulnerabilities/id/800fa098-b29f-4979-b7bd-b1186a4dafcb?source=cve - Third Party Advisory | |
CPE | cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* |
09 Jun 2023, 06:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-09 06:16
Updated : 2024-11-21 07:58
NVD link : CVE-2023-2249
Mitre link : CVE-2023-2249
CVE.ORG link : CVE-2023-2249
JSON object : View
Products Affected
gvectors
- wpforo_forum