Gvectors Vulnerabilities
Comprehensive security vulnerability database for Gvectors products
3
1
11
13
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-22182 | 8.7 | This vulnerability allows an attacker to overwhelm subscribers with mass notification emails by exploiting a flaw in the wpDiscuz plugin, which lets anyone send repeated requests without proper checks. The attacker just needs to know the post and comment IDs, and they can easily flood users' inboxes without needing to log in. | gvectorswpdiscuz | Exploit Available | 25 days agoMar 13, 2026 |
| CVE-2026-28562 | 8.8 | This vulnerability allows an attacker to extract sensitive information, like user credentials, from the WordPress database by manipulating a specific parameter in the wpForo forum software. It can be exploited without needing to log in, making it particularly dangerous for sites using version 2.4.14. | gvectorswpforo forum | Theoretical | about 1 month agoFeb 28, 2026 |
| CVE-2026-28557 | 7.1 | This vulnerability allows an attacker, who is already logged in as an authenticated user, to change the user group assignments for all users in the wpForo forum to any WordPress role they choose. By exploiting this flaw, they can gain unauthorized access to sensitive areas of the forum or elevate their own privileges. | gvectorswpforo forum | Theoretical | about 1 month agoFeb 28, 2026 |
About Gvectors Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Gvectors products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.