CVE-2021-24827

Summary

The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue

Affected Software

VendorProductVersion RangeStatus
UnknownAsgaros Forum1.15.13 < 1.15.13affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References