CVE-2021-25045

Summary

The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue

Affected Software

VendorProductVersion RangeStatus
UnknownAsgaros Forum1.15.15 < 1.15.15affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References