Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gVectors Team — Vulnerabilities & Security Advisories 32

Browse all 32 CVE security advisories affecting gVectors Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.

gVectors Team primarily develops and maintains the gVectors platform, a comprehensive security management solution designed for vulnerability assessment and compliance monitoring. Historical data indicates that the organization’s software has been associated with thirty-two distinct Common Vulnerabilities and Exposures (CVEs), reflecting a pattern of recurring security flaws. The most prevalent vulnerability classes affecting gVectors Team products include remote code execution, cross-site scripting, and privilege escalation issues, which often stem from insufficient input validation and improper access controls. While specific major incidents involving widespread exploitation are not prominently documented in public threat intelligence feeds, the consistent presence of these CVEs suggests ongoing challenges in securing the application’s core architecture. Security researchers frequently highlight the need for rigorous patch management and enhanced code review processes to mitigate these risks, as the cumulative impact of these vulnerabilities poses significant operational threats to organizations relying on the platform for their security infrastructure.

Top products by gVectors Team: wpForo Forum wpForo Forum (WordPress plugin) Comments – wpDiscuz (WordPress plugin) WooDiscuz – WooCommerce Comments Comments — wpDiscuz Comments – wpDiscuz wpDiscuz
CVE IDTitleCVSSSeverityPublished
CVE-2026-28562 wpForo Forum 2.4.14 SQL Injection via Topics ORDER BY Parameter — wpForo ForumCWE-89 8.2 High2026-02-28
CVE-2026-28561 wpForo Forum 2.4.14 Stored XSS via Unescaped Forum Description in Templates — wpForo ForumCWE-79 5.5 Medium2026-02-28
CVE-2026-28560 wpForo Forum 2.4.14 Stored XSS via Unsafe JSON Encoding in Inline Script — wpForo ForumCWE-79 5.5 Medium2026-02-28
CVE-2026-28559 wpForo Forum 2.4.14 Information Disclosure via Global RSS Feed — wpForo ForumCWE-200 5.3 Medium2026-02-28
CVE-2026-28558 wpForo Forum 2.4.14 Stored XSS via SVG Avatar File Upload — wpForo ForumCWE-79 6.4 Medium2026-02-28
CVE-2026-28557 wpForo Forum 2.4.14 Privilege Escalation via Role Synchronization Handler — wpForo ForumCWE-862 6.5 Medium2026-02-28
CVE-2026-28556 wpForo Forum 2.4.14 Missing Authorization via Topic Management Form Handlers — wpForo ForumCWE-862 5.4 Medium2026-02-28
CVE-2026-28555 wpForo Forum 2.4.14 Missing Authorization via Topic Close AJAX Handler — wpForo ForumCWE-862 4.3 Medium2026-02-28
CVE-2026-28554 wpForo Forum 2.4.14 Missing Authorization via Post Approval AJAX Handler — wpForo ForumCWE-862 4.3 Medium2026-02-28
CVE-2023-47869 WordPress wpForo plugin <= 2.2.5 - Broken Access Control + CSRF vulnerability — wpForo ForumCWE-80 4.3 Medium2024-12-09
CVE-2024-43289 WordPress wpForo Forum plugin <= 2.3.4 - Unauthenticated Sensitive Data Exposure vulnerability — wpForo ForumCWE-200 7.5 High2024-08-26
CVE-2024-43288 WordPress wpForo Forum plugin <= 2.3.4 - Insecure Direct Object References (IDOR) vulnerability — wpForo ForumCWE-639 4.3 Medium2024-08-18
CVE-2022-38055 WordPress wpForo Forum plugin <= 2.0.9 - Auth. HTML Injection vulnerability — wpForo ForumCWE-80 4.3 Medium2024-06-21
CVE-2024-35681 WordPress wpDiscuz plugin <= 7.6.18 - Cross Site Scripting (XSS) vulnerability — wpDiscuzCWE-79 6.5 Medium2024-06-08
CVE-2023-46310 WordPress wpDiscuz plugin <= 7.6.10 - Content Injection vulnerability — wpDiscuzCWE-80 5.3 Medium2024-06-04
CVE-2023-51691 WordPress wpDiscuz Plugin <= 7.6.12 is vulnerable to Cross Site Scripting (XSS) — Comments – wpDiscuzCWE-79 5.9 Medium2024-02-01
CVE-2023-46311 WordPress wpDiscuz Plugin <= 7.6.3 is vulnerable to Insecure Direct Object References (IDOR) — Comments – wpDiscuzCWE-639 2.7 Low2023-12-20
CVE-2023-49759 WordPress WooDiscuz – WooCommerce Comments Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF) — WooDiscuz – WooCommerce CommentsCWE-352 5.4 Medium2023-12-18
CVE-2023-47870 WordPress wpForo Forum Plugin <= 2.2.6 is vulnerable to Broken Access Control and Cross Site Request Forgery (CSRF) — wpForo ForumCWE-352 7.1 Medium2023-11-30
CVE-2023-47872 WordPress wpForo Forum Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS) — wpForo ForumCWE-79 6.5 Medium2023-11-30
CVE-2023-47775 WordPress wpDiscuz Plugin <= 7.6.11 is vulnerable to Cross Site Request Forgery (CSRF) — Comments — wpDiscuzCWE-352 4.3 Medium2023-11-22
CVE-2023-47185 WordPress wpDiscuz Plugin <= 7.6.11 is vulnerable to Cross Site Scripting (XSS) — Comments — wpDiscuzCWE-79 7.1 High2023-11-06
CVE-2023-33216 WordPress WooDiscuz – WooCommerce Comments Plugin <= 2.2.9 is vulnerable to Cross Site Scripting (XSS) — WooDiscuz – WooCommerce CommentsCWE-79 5.9 Medium2023-05-28
CVE-2022-43492 WordPress Comments – wpDiscuz plugin 7.4.2 - Auth. Insecure Direct Object References (IDOR) vulnerability — Comments – wpDiscuz (WordPress plugin) 4.3 Medium2022-11-18
CVE-2022-40192 WordPress wpForo Forum plugin <= 2.0.9 - Cross-Site Request Forgery (CSRF) vulnerability — wpForo Forum (WordPress plugin)CWE-352 7.1 High2022-11-17
CVE-2022-40200 WordPress wpForo Forum plugin <= 2.0.9 - Auth. Arbitrary File Upload vulnerability — wpForo Forum (WordPress plugin) 9.9 Critical2022-11-17
CVE-2022-40206 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability — wpForo Forum (WordPress plugin) 6.3 Medium2022-11-08
CVE-2022-40205 WordPress wpForo Forum plugin <= 2.0.5 - Insecure direct object references (IDOR) vulnerability — wpForo Forum (WordPress plugin) 5.4 Medium2022-11-08
CVE-2022-40632 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability — wpForo Forum (WordPress plugin)CWE-352 5.4 Medium2022-11-08
CVE-2022-38144 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability — wpForo Forum (WordPress plugin)CWE-352 8.8 -2022-09-09

This page lists every published CVE security advisory associated with gVectors Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.