Vulnerability found...
Clear all

[Solved] Vulnerability found in 2.2.7

5 Posts
3 Users
1 Reactions
Posts: 29
Topic starter
Eminent Member
Joined: 12 months ago


Defender Pro security plugin is continually picking this up over the last few updates:

#WordPress wpForo plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) on Sign-out vulnerability
-Vulnerability type: Cross Site Request Forgery (CSRF)


Anything to worry about?

4 Replies
Posts: 2612
Famed Member
Joined: 4 years ago

Real issue or not, if you have

Ninja Fireall for Wordpress, correctly configured

there is nothing to worry about. BE PROACTIVE.

1 Reply
Joined: 12 months ago

Eminent Member
Posts: 29


I have server-side WAF as well as the Defender Pro firewall. 

I think another might be overkill!

Posts: 10529
Support Team
Joined: 8 years ago


This is a false positive report. This issue has been fixed in 2.2.3 version, however the problem report don't response to our emails and don't remove it. So this is a outdated wrong information.

1 Reply
Joined: 12 months ago

Eminent Member
Posts: 29



I'll hit 'ignore' on the next scan.