EPSS: 0.213 (Low), percentile 96.5%
The plugin does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue.
https://example.com/forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(10)
plugins.trac.wordpress.org/changeset/2611560/asgaros-forum