CVE-2026-40767

Vulnerability

The wpForo Forum plugin for WordPress versions prior to 3.0.2 contains a broken access control vulnerability that allows unauthenticated attackers to bypass authorization checks [1]. This flaw resides in the plugin's permission handling, enabling requests without proper authentication or nonce verification to execute privileged actions [1].

Exploitation

An attacker can exploit this vulnerability remotely without any authentication or user interaction [1]. By sending specially crafted HTTP requests to a vulnerable site, the attacker can trigger the missing access control checks [1]. The vulnerability is considered highly dangerous and is expected to be used in mass-exploit campaigns targeting thousands of websites [1].

Impact

Successful exploitation allows an unauthenticated attacker to perform actions that should require higher privileges, such as accessing or modifying sensitive data, or executing administrative functions [1]. The CVSS score of 7.5 reflects the high severity and potential for widespread compromise [1].

Mitigation

The vulnerability is fixed in version 3.0.2 of the wpForo Forum plugin [1]. Users are advised to update immediately to this version or later [1]. Patchstack has also issued a mitigation rule to block attacks until the update is applied [1]. No other workarounds are documented [1].