CSRF and Missing Authorization Vulnerability in wpForo Forum: Forced Logout of All Users

CSRF and Missing Authorization Vulnerability in wpForo Forum: Forced Logout of All Users

CVE-2023-47870 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo Forum wpforo allows Cross Site Request Forgery, Accessing Functionality Not Properly Constrained by ACLs leading to forced all users log out.This issue affects wpForo Forum: from n/a through 2.2.6.

Learn more about our User Device Pen Test.