CVE-2025-11740 | wpForo Forum Plugin up to 2.4.9 on WordPress sql injection

October 31, 2025 Yanac

A vulnerability classified as critical has been found in wpForo Forum Plugin up to 2.4.9 on WordPress. The affected element is an unknown function. The manipulation leads to sql injection.

This vulnerability is referenced as CVE-2025-11740. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More

CVE-2025-6574 | aonetheme Service Finder Bookings Plugin up to 6.0 on WordPress privilege escalation
CVE-2025-12038 | Folderly Plugin up to 0.3 on WordPress REST API Endpoint clear-all-data improper authorization