PT-2019-9356 · Wpforo · Wpforo Forum

Published

2019-06-19

Updated

2020-08-24

CVE-2018-16613

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions wpForo Forum plugin versions prior to 1.5.2

Description A privilege escalation issue was discovered in the update function of the wpForo Forum plugin. This allows a registered forum user to escalate their privileges to those of a forum administrator without requiring any user interaction.

Recommendations For versions prior to 1.5.2, update to version 1.5.2 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-16613

Affected Products

Wpforo Forum

PT-2019-9356 · Wpforo · Wpforo Forum

CVE-2018-16613

Related Identifiers

Affected Products

References · 5