2
0
0
0
Vulnerability Timeline
2 vulnerabilities discovered over time for Wpforo forum
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-28562 | 8.8 | This vulnerability allows an attacker to extract sensitive information, like user credentials, from the WordPress database by manipulating a specific parameter in the wpForo forum software. It can be exploited without needing to log in, making it particularly dangerous for sites using version 2.4.14. | gvectorswpforo forum | Theoretical | about 1 month agoFeb 28, 2026 |
| CVE-2026-28557 | 7.1 | This vulnerability allows an attacker, who is already logged in as an authenticated user, to change the user group assignments for all users in the wpForo forum to any WordPress role they choose. By exploiting this flaw, they can gain unauthorized access to sensitive areas of the forum or elevate their own privileges. | gvectorswpforo forum | Theoretical | about 1 month agoFeb 28, 2026 |
About Gvectors Wpforo forum Security
This page provides comprehensive security vulnerability tracking for Gvectors Wpforo forum. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Wpforo forum updated to the latest version
- • Subscribe to security advisories from Gvectors
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately