PT-2026-22478 · WordPress · Wpforo Forum

Scott Moore · Published 2026-02-28 · Updated 2026-03-04 · CVE-2026-28557

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
wpForo Forum version 2.4.14

Description
An issue exists in wpForo Forum that allows authenticated users to perform bulk wpForo usergroup reassignment. This is possible because the wpforo synch roles AJAX handler lacks a capability check. An attacker can obtain a nonce from the usergroups admin page, which is accessible to any authenticated user, and then remap all wpForo usergroups to arbitrary WordPress roles. The vulnerable component is the wpforo synch roles handler.

Recommendations
Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the wpforo synch roles AJAX handler until a patch is available.
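The workaround above can be implemented as a must-use plugin that rejects the role-sync AJAX request before the plugin's own handler runs; the second function shows the check pattern the vulnerable handler was missing. This is an added example, not wpForo's code: the AJAX action name and the nonce action/field names are hypothetical placeholders, since the page does not give them.

```php
<?php
/**
 * Plugin Name: Temporary guard for the wpForo role-sync AJAX handler
 * Description: Drop-in mu-plugin (wp-content/mu-plugins/) that denies the
 * usergroup role-sync request unless the caller can manage options.
 * Added example, not wpForo code; action/nonce names are placeholders.
 */

// ASSUMPTION: replace with the real admin-ajax.php "action" value that the
// wpForo usergroups page posts. The advisory does not name it.
define( 'WPFORO_SYNC_ROLES_ACTION_PLACEHOLDER', 'wpforo_sync_roles_PLACEHOLDER' );

/**
 * Workaround: deny the request unless the current user can manage options.
 *
 * Hooked at priority 0 so it runs before the plugin's handler (default
 * priority 10). wp_send_json_error() calls wp_die(), which ends the request,
 * so an unauthorised caller never reaches the original handler.
 */
function mu_guard_wpforo_role_sync() {
    // A valid nonce only proves the request originated from a page the user
    // could load; it is a CSRF defence, not an authorisation check.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error(
            array( 'message' => 'Insufficient permissions for usergroup role sync.' ),
            403
        );
    }
}
add_action( 'wp_ajax_' . WPFORO_SYNC_ROLES_ACTION_PLACEHOLDER, 'mu_guard_wpforo_role_sync', 0 );

/**
 * Reference pattern for the fix itself (hypothetical handler, not wpForo's):
 * a privileged AJAX action needs BOTH a nonce check and a capability check.
 * The vulnerable handler had only the first, and the nonce was obtainable by
 * any authenticated user, so the capability check is the missing control.
 */
function example_hardened_sync_roles_handler() {
    check_ajax_referer( 'example_sync_roles_nonce', 'nonce' ); // hypothetical names
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }
    // ... remap usergroups to roles only after both checks pass ...
    wp_send_json_success();
}
```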

Tags: Fix · LPE · Missing Authorization

Weakness Enumeration: Missing Authorization
Related Identifiers: CVE-2026-28557
Affected Products: Wpforo Forum