CVE-2021-25045

CVE-2021-25045: Asgaros Forum < 1.15.15 - Admin+ SQL Injection via forum_id

Vendor Unknown

Product Asgaros Forum

Weakness CWE-89 · SQLi

Published January 24, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue

Key dates

02Disclosure timeline

January 24, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-25045

Related vulnerabilities

CVE-2021-25045: Asgaros Forum < 1.15.15 - Admin+ SQL Injection via forum_id

01Description

02Disclosure timeline

03References

04Related CVE