WordPress Plugin Vulnerabilities

wpForo Forum < 2.4.7 - Authenticated (Subscriber+) Insecure Direct Object Reference

Description

The wpForo Forum plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.6 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform unauthorized actions.

Affects Plugins

Plugin icon
wpforo
Fixed in 2.4.7

References

CVE
CVE-2025-58597
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/aa830c67-2860-489f-aa67-c7cc74437709

Classification

Type
IDOR
OWASP top 10
A5: Broken Access Control
CWE
CWE-639
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Muhammad Zidan Ali Mansur
Verified
No
WPVDB ID
27dd9a6f-efca-472e-8e37-cf2d84115226

Timeline

Publicly Published
2025-09-03 (about 8 months ago)
Added
2025-09-11 (about 8 months ago)
Last Updated
2025-09-11 (about 8 months ago)

Other

Published
Title
Published
2025-05-01
Title
Homey - Booking and Rentals WordPress Theme < 2.4.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion
Published
2026-01-02
Title
Justicia <= 1.2 - Authenticated (Subscriber+) Insecure Direct Object Reference
Published
2024-08-12
Title
WP Job Portal < 2.1.9 - Subscriber+ Insecure Direct Object Reference
Published
2025-11-20
Title
ELEX WordPress HelpDesk & Customer Ticketing System < 3.3.0 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'eh_crm_ticket_single_view_client'
Published
2021-07-27
Title
uListing < 2.0.6 - Authenticated IDOR