Security for everyone

CVE-2018-11709 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in wpForo Forum plugin for WordPress affects v. before 1.4.12.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2018-11709 Scanner Detail

The wpForo Forum plugin for WordPress is a popular tool that allows website owners to create a forum platform where users can engage in discussions, share ideas, and seek help from each other. The plugin is used by businesses, organizations, and individuals who want to build a community around their website or brand. The plugin provides a range of features and customization options to make it possible to create a unique forum experience for users.

However, the plugin has a serious vulnerability that was detected in 2018. The vulnerability is identified as CVE-2018-11709 and it can be exploited by attackers to launch cross-site scripting (XSS) attacks. XSS is a type of attack where malicious code is injected into a web page which is then executed in the browser of unsuspecting users. The vulnerability allows attackers to inject malicious code in the URI, which is then reflected back to the user’s browser when they visit a vulnerable webpage.

When exploited, the CVE-2018-11709 vulnerability can lead to serious consequences for website owners and users. Attackers can use this vulnerability to steal sensitive user data such as usernames, passwords, and other personal information. They can also use the vulnerability to redirect users to malicious websites, launch phishing attacks, or hijack user sessions.

By following these precautions, website owners can significantly reduce the risk of their websites being compromised by attackers. Additionally, using advanced security solutions, such as those offered by, can help website owners stay up-to-date on emerging vulnerabilities and take proactive steps to protect against them. With powerful pro features, users can quickly and easily identify vulnerabilities in their digital assets and take necessary action to mitigate risks and protect their online presence.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture