CRITICAL
Tomdever
CVE published 2026-06-01
CVE-2026-42682
A critical missing authorization vulnerability in wpForo Forum allows unauthenticated attackers to exploit incorrectly configured access control security levels. The vulnerability affects versions from n/a through 3.0.6 and has been assigned a CVSS 3.1 score of 9.1 (Critical). The issue was published in the NVD on June 1, 2026, with a status of 'Received'. The underlying weakness is CWE-862 (Missing Autho [truncated]