CVE-2026-40798CRITICAL NVDCVSS Score 9.3Severity CRITICALPublished Jun 15, 2026Vendor unknownDescriptionUnauthenticated SQL Injection in wpForo Forum <= 3.0.4 versions.Referenceshttps://patchstack.com/database/wordpress/plugin/wpforo/vulnerability/wordpress-wpforo-forum-plugin-3-0-4-sql-injection-vulnerability?_s_id=cve