CVE-2026-6248 | tomdever wpForo Forum Plugin up to 3.0.5 on WordPress Members::update path traversal

A vulnerability was found in tomdever wpForo Forum Plugin up to 3.0.5 on WordPress. It has been classified as critical. This affects the function Members::update. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2026-6248. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More