CVE-2024-43289

Published: Aug 26, 2024Modified: Feb 6, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4.

Affected (1)

Products: Gvectors: Wpforo Forum

Gvectors

1 product

Wpforo Forum

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gvectors Wpforo Forum	Before 2.3.5

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (1)

https://patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-forum-plugin-2-3-4-unauthenticated-sensitive-data-exposure-vulnerability?_s_id=cve

Source: audit@patchstack.com

Third Party Advisory

Timeline

No history available yet.