Medium severity5.4NVD Advisory· Published Nov 8, 2022· Updated Jun 17, 2026
CVE-2022-40205
CVE-2022-40205
Description
Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2.0.5
- Range: <= 2.0.5
Patches
Vulnerability mechanics
References
2- patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-forum-plugin-2-0-5-insecure-direct-object-references-idor-vulnerability-2nvdThird Party Advisory
- wordpress.org/plugins/wpforo/nvdProductRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.