Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.
9.1

CVE-2026-42682: wpForo Forum Missing Authorization Allows Unauthorized Access

CVE-2026-42682
Summary

An incorrectly configured security setting in wpForo Forum can allow unauthorized users to access restricted areas of the forum. This is a security concern because it could allow users to view or modify sensitive information. To fix this issue, update wpForo Forum to the latest version or adjust the security settings according to the software's documentation.

Original title
Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6.
Original description
Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects wpForo Forum: from n/a through 3.0.6.
nvd CVSS3.1 9.1
Vulnerability type
CWE-862 Missing Authorization
Published: 1 Jun 2026 · Updated: 1 Jun 2026 · First seen: 1 Jun 2026