cleantalk
Vulnerabilities and Security Researches

wpForo Forum, CVE-2023-2309

CVE, Research URL

CVE-2023-2309

Home page URL

Security reports for wpForo Forum

Application

wpForo Forum

Published on
Jul 24, 2023
Research Description
The wpForo Forum WordPress plugin before 2.1.9 does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability.
Affected versions
max 2.1.9.
Status
vulnerable
Previous vulnerability researches
wpForo Forum (CVE-2019-19109) , Jun 06, 2024
wpForo Forum (CVE-2022-40205) , Jun 06, 2024
wpForo Forum (CVE-2021-24406) , Jun 06, 2024
wpForo Forum (CVE-2022-38144) , Jun 06, 2024
wpForo Forum (CVE-2019-19112) , Jun 06, 2024
New vulnerability
Best WordPress Gallery Plugin – FooGallery (CVE-2026-25362) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2026-25363) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2025-15524) , Mar 29, 2026
Photo Gallery by 10Web – Mobile-Friendly Image Gallery (CVE-2026-27360) , Mar 29, 2026
Photo Gallery by 10Web – Mobile-Friendly Image Gallery (CVE-2026-32330) , Mar 29, 2026