CVE-2012-6625

SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.

Date published : 2014-01-16

http://www.securityfocus.com/bid/53530

http://wordpress.org/extend/plugins/forum-server/changelog/