CVE-2022-40206

Publication date

2022-11-08 18:31:21

Family

Patchstack

State

PUBLISHED

Description

Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public.