wpForo Forum

Authenticated (Subscriber+) Arbitrary File Read in update vulnerability <= 2.4.1

Unauthenticated Sensitive Data Exposure vulnerability <= 2.3.4

Insecure Direct Object References (IDOR) vulnerability <= 2.3.4

Authenticated (Contributor+) SQL Injection vulnerability <= 2.3.3

Cross Site Scripting (XSS) vulnerability <= 2.2.3