What the vulnerability does
01Description
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation.This issue affects wpForo Forum: from n/a through <= 2.4.2.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
What the vulnerability does
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation.This issue affects wpForo Forum: from n/a through <= 2.4.2.
Explanation of Vulnerability in Simple Terms
wpForo Forum versions up to 2.4.2 contain an improper access control vulnerability. An attacker with low-level user privileges can modify forum data and read sensitive information without proper authorization checks. The vulnerability requires network access and valid user credentials but no additional user interaction.
What an attacker can do
Modify forum content and read sensitive data without proper authorization.
Potential impact on your site
Forum data integrity compromised; unauthorized users can alter posts and access restricted information.
Conditions required to exploit
Valid user account with low-level privileges; network access to the forum.
Key dates
External resources