CVE-2026-28562
CVE-2026-28562
8.8
HighPublished:
Last updated:
Source:disclosure@vulncheck.com
Analyzed
Weakness (CWE)
CVSS Vector
v4.0- Attack Vector
- Network
- Attack Complexity
- Low
- Attack Requirements
- None
- Privileges Required
- None
- User Interaction
- None
- Confidentiality (Vulnerable)
- High
- Integrity (Vulnerable)
- Low
- Availability (Vulnerable)
- None
- Confidentiality (Subsequent)
- None
- Integrity (Subsequent)
- None
- Availability (Subsequent)
- None
Description
wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payloads to perform blind boolean extraction of credentials from the WordPress database.
References
disclosure@vulncheck.com
https://wordpress.org/plugins/wpforo/disclosure@vulncheck.com
https://wordpress.org/plugins/wpforo/#developersdisclosure@vulncheck.com
https://www.vulncheck.com/advisories/wpforo-sql-injection-via-topics-order-by-parameter