3 matches found
CVE-2012-6625
CVE-2012-6625 affects the ForumPress WP Forum Server plugin for WordPress, specifically the fs-admin/fs-admin.php component. The vulnerability is a SQL injection via the groupid parameter in an editgroup action, exploitable remotely and leading to arbitrary SQL execution. It applies to plugin ver...
CVE-2012-6622
The CVE-2012-6622 entry concerns the ForumPress WP Forum Server WordPress plugin, specifically the fs-admin/fs-admin.php component, which is vulnerable to multiple XSS flaws. The vulnerability exists in version prior to 1.7.4 and is triggered via the groupid parameter in an editgroup action or th...
CVE-2012-6623
The CVE-2012-6623 issue affects the WordPress plugin ForumPress WP Forum Server (affected: ForumPress WP Forum Server plugin before 1.7.5). The vulnerability is an XSS in fs-admin/wpf-add-forum.php, exploitable via the groupid parameter in an addforum action to wp-admin/admin.php, allowing remote...