VYPR

AdForest

by WordPress

CVEs (4)

  • CVE-2026-1729CriFeb 12, 2026
    risk 0.64cvss 9.8epss 0.01

    The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sb_login_user_with_otp_fun' function. This makes it…

  • CVE-2025-8359CriSep 6, 2025
    risk 0.64cvss 9.8epss 0.00

    The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.9. This is due to the plugin not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as…

  • CVE-2024-12857Jan 22, 2025
    risk 0.00cvss epss 0.01

    The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8. This is due to the plugin not properly verifying a user's identity prior to logging them in as that user. This makes it possible for unauthenticated attackers to…

  • CVE-2024-11350Jan 8, 2025
    risk 0.00cvss epss 0.01

    The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforest_reset_password()…