Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.
References
Configurations
History
21 Nov 2024, 08:30
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
References | () https://patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-plugin-2-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve - Third Party Advisory |
06 Dec 2023, 15:21
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
References | () https://patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-plugin-2-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve - Third Party Advisory | |
First Time |
Gvectors
Gvectors wpforo Forum |
|
CPE | cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* |
30 Nov 2023, 18:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-30 18:15
Updated : 2024-11-21 08:30
NVD link : CVE-2023-47870
Mitre link : CVE-2023-47870
CVE.ORG link : CVE-2023-47870
JSON object : View
Products Affected
gvectors
- wpforo_forum