cleantalk
Vulnerabilities and Security Researches

wpForo Forum, CVE-2025-66070

CVE, Research URL

CVE-2025-66070

Home page URL

Security reports for wpForo Forum

Application

wpForo Forum

Published on
Dec 18, 2025
Research Description
Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through <= 2.4.10.
Affected versions
max 2.4.10.
Status
vulnerable
Previous vulnerability researches
SKT Skill Bar (CVE-2025-66090) , Dec 11, 2025
SKT Skill Bar (CVE-2024-38698) , Jul 15, 2024
SKT Skill Bar (CVE-2025-47482) , May 09, 2025
SKT Skill Bar (CVE-2025-26880) , Apr 15, 2025
New vulnerability
Document Library Lite (CVE-2025-67986) , Jan 09, 2026
Document Library Lite (CVE-2025-67985) , Jan 09, 2026
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &amp; Restrict Content – ProfilePress (CVE-2025-13642) , Jan 09, 2026
Ultimate FAQ &#8211; WordPress FAQ and Accordion Plugin (CVE-2025-67590) , Jan 09, 2026
Import CSV or XML Datafeed With Ease (CVE-2025-14627) , Jan 09, 2026