Описание
SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.7.4 (включая)
Одно из
cpe:2.3:a:vasthtml:forumpress:*:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.0:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.1:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.2:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.3:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.4:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.5:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.5.1:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.5.2:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.2:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.3:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.4:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.5:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.6:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.7:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.8:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.6.9:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.7:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.7.1:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.7.2:-:-:*:-:wordpress:*:*
cpe:2.3:a:vasthtml:forumpress:1.7.3:-:-:*:-:wordpress:*:*
EPSS
Процентиль: 90%
0.05326
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.
EPSS
Процентиль: 90%
0.05326
Низкий
7.5 High
CVSS2
Дефекты
CWE-89