CVE-2012-6625

Currently unrated

Key Information:

Vendor: Wordpress
Status: Forumpress
Vendor: CVE Published:; 16 January 2014

Summary

SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.

References

http://wordpress.org/extend/plugins/forum-server/changelog/

x_refsource_CONFIRM

https://plugins.trac.wordpress.org/changeset/532918

x_refsource_CONFIRM

http://www.securityfocus.com/bid/53530

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jan 16, 2014
Vulnerability Reserved
Jan 16, 2014