CVE-2026-28554 | gVectors wpForo Forum up to 2.4.15 AJAX wpforo_approve_ajax authorization

A vulnerability was found in gVectors wpForo Forum up to 2.4.15. It has been classified as critical. Affected by this issue is the function wpforo_approve_ajax of the component AJAX Handler. This manipulation causes missing authorization.

This vulnerability appears as CVE-2026-28554. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More