Dynamiapps · Frontend Admin · CVE-2026-7802
**Name of the Vulnerable Software and Affected Versions**
Frontend Admin by DynamiApps versions prior to 3.29.3
**Description**
An authorization bypass exists because the plugin fails to properly verify whether a user is authorized to perform specific actions. Authenticated attackers with subscriber-level access or higher can overwrite an administrator's profile fields, including `user_pass`, `user_email`, `first_name`, and `last_name`, by supplying an arbitrary `user_id` value. This allows full administrator account takeover, either by replacing the password directly or by resetting it through the replaced email address. The issue occurs when the Edit-User form has its 'Roles' configuration setting left empty; if a non-empty roles list is configured, the `load_data()` function sets the user ID to 'none' for unauthorized users, preventing administrators from being targeted.
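The following is an added illustration of the authorization check the description says is missing, written as a hardened WordPress form handler for this page; it is not the plugin's code. The function name `fa_handle_edit_user()`, the nonce action `fa_edit_user`, and the `$allowed_roles` parameter standing in for the form's 'Roles' setting are hypothetical.

```php
<?php
// Illustrative hardened handler (not the plugin's code). The vulnerable
// behaviour trusted the submitted user_id whenever 'Roles' was left empty.
function fa_handle_edit_user( array $post, array $allowed_roles = array() ) {
    // 1. Nonce: reject requests that did not originate from the rendered form.
    if ( ! isset( $post['_fa_nonce'] ) || ! wp_verify_nonce( $post['_fa_nonce'], 'fa_edit_user' ) ) {
        return new WP_Error( 'bad_nonce', 'Invalid form token.' );
    }

    $current_id = get_current_user_id();
    // Default to the caller's own account; never trust an absent or bogus ID.
    $target_id  = isset( $post['user_id'] ) ? absint( $post['user_id'] ) : $current_id;

    // 2. Authorization: WordPress grants edit_user on one's own ID, so a
    //    subscriber passes for themselves; editing anyone else requires the
    //    edit_users capability that the meta cap maps to.
    if ( ! current_user_can( 'edit_user', $target_id ) ) {
        return new WP_Error( 'forbidden', 'Not allowed to edit this user.' );
    }

    $target = get_userdata( $target_id );
    if ( ! $target ) {
        return new WP_Error( 'no_user', 'Unknown user.' );
    }

    // 3. Role allow-list mirroring the 'Roles' setting. An empty list fails
    //    closed here instead of disabling the check as the advisory describes.
    if ( empty( $allowed_roles ) || ! array_intersect( $allowed_roles, $target->roles ) ) {
        return new WP_Error( 'role_denied', 'Target role not permitted by form settings.' );
    }

    // 4. Only write the fields the form actually carries, sanitized.
    $data = array( 'ID' => $target_id );
    if ( isset( $post['first_name'] ) ) {
        $data['first_name'] = sanitize_text_field( $post['first_name'] );
    }
    if ( isset( $post['last_name'] ) ) {
        $data['last_name'] = sanitize_text_field( $post['last_name'] );
    }
    if ( isset( $post['user_email'] ) ) {
        $data['user_email'] = sanitize_email( $post['user_email'] );
    }
    if ( ! empty( $post['user_pass'] ) ) {
        $data['user_pass'] = $post['user_pass']; // wp_update_user() hashes it
    }

    return wp_update_user( $data ); // returns the user ID or a WP_Error
}
```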
**Recommendations**
Update the plugin to a version later than 3.29.2.
As a temporary mitigation, ensure the 'Roles' configuration setting in the Edit-User form is not left empty, so that the `load_data()` function prevents unauthorized users from targeting administrator accounts.