Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Asgaros Forum < 1.15.15 - Admin+ SQL Injection via forum_id
Vulnerability Description
The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
WordPress plugin SQL注入漏洞
Vulnerability Description
WordPress plugin是WordPress开源的一个应用插件。 WordPress plugin Asgaros Forum 存在SQL注入漏洞,该漏洞源于1.15.15之前的Asgaros论坛WordPress插件在编辑论坛时,在SQL语句中使用论坛id参数之前,不会验证或转义该参数,这会导致SQL注入问题。攻击者可利用该漏洞执行非法SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A