CVSS 3.1 Score 6.1 of 10 (medium)


Published Jul 24, 2023
Updated: Nov 7, 2023


CVE-2023-2309 is a vulnerability found in the wpForo Forum WordPress plugin before version 2.1.9, which allows for a Reflected Cross-Site Scripting attack due to unescaped request parameters in debug mode. This vulnerability affects multiple products, including versions aeK0Y9, aeK0Y8, aeK0Y_, and aeK0Y-. The danger it poses to organizations is rated as medium severity, with a base score of 6.1 out of 10. To remediate this vulnerability, users should update their wpForo Forum plugin to version 2.1.9 or later to patch the issue and prevent potential exploitation.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-2309 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options