Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asgaros asgaros forum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5604
The Asgaros Forum WordPress plugin prior to 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. .php, .phtml), potentially leading to remote code execut...
Asgaros Asgaros Forum
6.5
CVSSv2
CVE-2021-25045
The Asgaros Forum WordPress plugin prior to 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue
Asgaros Asgaros Forum
7.5
CVSSv2
CVE-2021-24827
The Asgaros Forum WordPress plugin prior to 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue
Asgaros Asgaros Forum
2.1
CVSSv2
CVE-2021-42365
The Asgaros Forums WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the name parameter found in the ~/admin/tables/admin-structure-table.php file which allowed attackers with administrative user access to inject arbitrary web scripts,...
Asgaros Asgaros Forum
NA
CVE-2022-41608
Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum plugin <= 2.2.0 versions.
Asgaros Asgaros Forum
NA
CVE-2024-22284
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a up to and including 2.7.2.
Asgaros Asgaros Forum
6.5
CVSSv2
CVE-2022-0411
The Asgaros Forum WordPress plugin prior to 2.0.0 does not sanitise and escape the post_id parameter before using it in a SQL statement via a REST route of the plugin (accessible to any authenticated user), leading to a SQL injection
Asgaros Asgaros Forum
NA
CVE-2024-32440
Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a up to and including 2.8.0.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started