CVE-2026-28559 | gVectors wpForo Forum up to 2.4.15 Global RSS Feed Endpoint ID information disclosure

Inserito da Angelo Barbosa | Mar 1, 2026 | CVE

A vulnerability labeled as problematic has been found in gVectors wpForo Forum up to 2.4.15. The affected element is an unknown function of the component Global RSS Feed Endpoint. The manipulation of the argument ID results in information disclosure.

This vulnerability was named CVE-2026-28559. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.

CVE-2026-28559 | gVectors wpForo Forum up to 2.4.15 Global RSS Feed Endpoint ID information disclosure

Post correlati

CVE-2025-15413 | wasm3 up to 0.5.0 m3_exec.h op_SetSlot_i32/op_CallIndirect memory corruption (543/547)

CVE-2022-48690 | Linux Kernel up to 5.19.8 XDP_SETUP_XSK_POOL ice_vsi_cfg_rxq memory leak (07f40e9f0ff3/7e753eb675f0)

CVE-2024-39735 | IBM Datacap Navigator 9.1.5/9.1.6/9.1.7/9.1.8/9.1.9 Web UI cross site scripting (XFDB-296002)

CVE-2024-43406 | LF-Edge ekuiper up to 1.14.1 sql injection (GHSA-r5ph-4jxm-6j9p)