CVE-2023-47870

Summary

Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.

Affected Software

VendorProductVersion RangeStatus
gVectors TeamwpForo Forumn/a <= 2.2.6affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)
  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CVE Program Container

Additional References

References