WP Forum Server, CVE-2012-6625

CVE, Research URL: CVE-2012-6625
Home page URL: Security reports for WP Forum Server
Application: WP Forum Server
Published on: Jan 17, 2014
Research Description: SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.
Affected versions: Min -, max 1.7.4.
Status: vulnerable