CVE-2025-4203 | wpForo Forum Plugin up to 2.4.8/5.x on WordPress get_members row_count sql injection

October 24, 2025 Yanac

A vulnerability was found in wpForo Forum Plugin up to 2.4.8/5.x on WordPress. It has been rated as critical. This impacts the function get_members. This manipulation of the argument row_count causes sql injection.

This vulnerability appears as CVE-2025-4203. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-11244 | Password Protected Plugin up to 2.7.11 on WordPress Header pp_get_ip_address X-Forwarded-For authorization
CVE-2025-6639 | Tutor LMS Pro Plugin up to 3.8.3 on WordPress tutor_assignment_submit resource injection