PT-2022-25282 · WordPress · Wpforo Forum

Ananda Dhakal +1 · Published 2022-11-08 · Updated 2022-11-09 · CVE-2022-40205

CVSS v3.1: 5.4 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions

wpForo Forum plugin versions <= 2.0.5

Description

The issue is an insecure direct object reference (IDOR) vulnerability. It allows attackers with subscriber or higher user roles to mark any forum post as solved or unsolved.

Recommendations

For wpForo Forum plugin versions <= 2.0.5, update to a version higher than 2.0.5 to resolve the issue. As a temporary workaround, consider restricting the ability to mark posts as solved or unsolved to higher user roles until a patch is available.

Fix

IDOR

Weakness Enumeration

Related Identifiers

CVE-2022-40205

Affected Products

Wpforo Forum