WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL.A SQL injection vulnerability exists in versions of the WordPress plugin Asgaros Forum prior to 1.15.15, which stems from the fact that the Asgaros Forum WordPress plugin does not use the forum id parameter in SQL statements before editing the forum validate or escape the parameter. An attacker could use this vulnerability to execute illegal SQL commands.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress asgaros forum plugin | lt | 1.15.15 |