[Solved] wpForo Forum < 2.1.0 - Subscriber+ Arbitrary File Upload
I'am using wpforo in version 188.8.131.52 and the plugin is vulnerable as : https://wpscan.com/vulnerability/d54d5500-e034-4a4b-ab06-af2e84b7554b
Because of some custom code it is impossible to update the plugin for this time.
My question it is possible to disable the upload for subscriber user ? Or do anything that can fix the vuln ?
Thanks for your help
Navigate to Dashboard > wpForo > Settings > Spam Protection, and check Do not allow attaching files with following extensions field
Thanks for your reply, but i dont have the setting spam protection, i need to install a specific addons ?
Perfect, thanks for your help