wpForo Forum, CVE-2018-16613

CVE, Research URL: CVE-2018-16613
Home page URL: Security reports for wpForo Forum
Application: wpForo Forum
Published on: Jun 19, 2019
Research Description: An issue was discovered in the update function in the wpForo Forum plugin before 1.5.2 for WordPress. A registered forum is able to escalate privilege to the forum administrator without any form of user interaction.
Affected versions: Min -, max 1.5.2.
Status: vulnerable