What the vulnerability does
01Description
Unauthenticated Broken Access Control in wpForo Forum < 3.0.2 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
What the vulnerability does
Unauthenticated Broken Access Control in wpForo Forum < 3.0.2 versions.
Explanation of Vulnerability in Simple Terms
wpForo Forum versions before 3.0.2 expose sensitive information to unauthenticated attackers over the network. The vulnerability allows reading confidential data without requiring user interaction or special network conditions. Administrators should update to version 3.0.2 or later immediately.
What an attacker can do
Read sensitive information from the forum without logging in.
Potential impact on your site
Forum data accessible to anyone on the internet; potential exposure of private discussions or user information.
Conditions required to exploit
Network access to the forum; no authentication or user interaction required.
Key dates
External resources