Vulnerabilities and Security Researches

Asgaros Forum, CVE-2021-24827

CVE, Research URL: CVE-2021-24827
Home page URL: Security reports for Asgaros Forum
Application: Asgaros Forum
Published on: Nov 08, 2021
Research Description: The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue
Affected versions: Min -, max 1.5.9.
Status: vulnerable