Medium severity6.3NVD Advisory· Published Nov 8, 2022· Updated Jun 17, 2026
CVE-2022-40206
CVE-2022-40206
Description
Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2.0.5
- Range: <= 2.0.5
Patches
Vulnerability mechanics
References
2- patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-forum-plugin-2-0-5-insecure-direct-object-references-idor-vulnerabilitynvdThird Party Advisory
- wordpress.org/plugins/wpforo/nvdProductRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.