Lucene search
China National Vulnerability DatabaseCNVD-2022-19828HistoryJan 26, 2022 - 12:00 a.m.
WordPress Asgaros Forum plugin SQL injection vulnerability
2022-01-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
41.1%
WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL.A SQL injection vulnerability exists in versions of the WordPress plugin Asgaros Forum prior to 1.15.15, which stems from the fact that the Asgaros Forum WordPress plugin does not use the forum id parameter in SQL statements before editing the forum validate or escape the parameter. An attacker could use this vulnerability to execute illegal SQL commands.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress asgaros forum plugin | lt | 1.15.15 |
Related
wpvulndb
wpvulndb
Asgaros Forum < 1.15.15 - Admin+ SQL Injection via forum_id
2021-12-21 00:00:00
cve
cve
CVE-2021-25045
2022-01-24 08:15:09
cvelist
cvelist
CVE-2021-25045 Asgaros Forum < 1.15.15 - Admin+ SQL Injection via forum_id
2022-01-24 08:01:16
nvd
nvd
CVE-2021-25045
2022-01-24 08:15:09
patchstack
patchstack
prion
prion
Sql injection
2022-01-24 08:15:00
wpexploit
wpexploit
Asgaros Forum < 1.15.15 - Admin+ SQL Injection via forum_id
2021-12-21 00:00:00
osv
osv
CVE-2021-25045
2022-01-24 08:15:09