Security Advisory

CVE-2022-40206

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-08 18:31:21

Last updated 2026-04-28 16:07:47

Assigner Patchstack

State PUBLISHED

Description

Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public.

← Browse all CVEs View on cve.org ↗