Unrated severityNVD Advisory· Published Jan 24, 2022· Updated Aug 3, 2024
Asgaros Forum < 1.15.15 - Admin+ SQL Injection via forum_id
CVE-2021-25045
Description
The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Asgaros Forumdescription
- Range: <1.15.15
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2642215mitrex_refsource_CONFIRM
- wpscan.com/vulnerability/c60a3d40-449c-4c84-8d13-68c04267c1d7mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.