Every CVE whose affected-product data names Gvectors Wpforo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-11515 — CVSS 9.8 (critical): The wpForo plugin through 2018-02-05 for WordPress has SQL Injection via a search with the /forum/ wpfo parameter.