Critical severity9.8NVD Advisory· Published May 28, 2018· Updated Jun 17, 2026
CVE-2018-11515
CVE-2018-11515
Description
The wpForo plugin through 2018-02-05 for WordPress has SQL Injection via a search with the /forum/ wpfo parameter.
Affected products
2<=2018-02-05+ 1 more
- (no CPE)range: <=2018-02-05
- (no CPE)range: <=2018-02-05
Package: https://wordpress.org/plugins/wpforo
Patches
Vulnerability mechanics
References
2- github.com/DediData/wpforo/issues/1nvdExploitIssue TrackingThird Party Advisory
- wpvulndb.com/vulnerabilities/9089nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.