Vulnerability Details CVE-2012-5327
Multiple SQL injection vulnerabilities in fs-admin/fs-admin.php in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) delete_usrgrp[] parameter in a delete_usergroups action, (2) usergroup parameter in an add_user_togroup action, or (3) add_forum_group_id parameter in an add_forum_submit action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.5%
CVSS Severity
CVSS v2 Score 6.5
References
- http://packetstormsecurity.org/files/view/108915/wpmingleforum-sqlxss.txt
- http://plugins.trac.wordpress.org/changeset?reponame=&new=492859%40mingle-forum&old=487353%40mingle-forum
- http://wordpress.org/extend/plugins/mingle-forum/changelog/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72641
- http://packetstormsecurity.org/files/view/108915/wpmingleforum-sqlxss.txt
- http://plugins.trac.wordpress.org/changeset?reponame=&new=492859%40mingle-forum&old=487353%40mingle-forum
- http://wordpress.org/extend/plugins/mingle-forum/changelog/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72641
Products affected by CVE-2012-5327
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.00
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.01
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.02
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.03
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.04
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.05
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.06
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.07
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.08
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.09
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.10
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.11
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.12
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.13
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.14
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.15
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.16
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.17
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.18
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.19
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.20
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.21
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.21.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.22
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.23.2
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.24
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.25
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.26
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.27
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.28.2
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.29
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.30
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.1
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.2
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.3
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.31.4
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.32
-
cpe:2.3:a:cartpauj:mingle-forum:1.0.32.1
-
cpe:2.3:a:wordpress:wordpress:-