WordPress Plugin WP Forum Multiple Security Vulnerbilities - Vulnerability Database

WordPress Plugin WP Forum Multiple Security Vulnerbilities

Critical

Reference: No Reference

Title: WordPress Plugin WP Forum Multiple Security Vulnerbilities

Overview:

WordPress Plugin WP Forum is prone to an SQL injection vulnerability a cross-site scripting vulnerability multiple authentication bypass vulnerabilities an information disclosure vulnerability and an open email-relay vulnerability. Attackers can exploit the SQL injection issues to carry out unauthorized actions on the underlying database. Attackers can exploit the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. WordPress Plugin WP Forum version 1.7.8 is vulnerable other versions may also be affected.