WP-Forum Plugin Security Bulletin 147comments
Jeff Chandler 
Thanks for visiting! We would like to serve you better. Please subscribe to our RSS feed for daily updates. This blog posts regular Wordpress news, updates of themes, plugins, ideas, hacks, quick fixes and everything about blogging, especially about Wordpress. You can also receive updates from this blog via email if you want that method of notification.
If you are currently using the latest release of the WP-Forum plugin, listen up. The websec security team has discovered a vulnerability within this plugin that can be exploited by malicious users to conduct SQL injection attacks. According to Secunia:
Input passed to the “user” parameter in the WordPress installation’s index.php script (when “forumaction” is set to “showprofile” and “page_id” to a page with the “<!–WPFORUM–>” tag) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
This vulnerability when exploited successfully allows the individual to retrieve usernames, password hashes, and email addresses for all users, including administrators. However, the user has to have knowledge of the proper database table prefix. This vulnerability has been confirmed in version 1.7.4 which is currently the most recent version available for download.
Description:
WP-Forum is a WordPress plugin that enables you to have a forum directly attached to your WordPress installation. The plugin is based on Simple Forum.
[EDIT] We wish the plugin author was notified of the vulnerability and given a chance to fix it, but there was no mention of it in the advisory. So until a fix is released, we suggest that the plugin is disabled and removed.
[EDIT] As pointed out in the comments, not the same as Simple Forum WP Plugin.
Powered by 
Designed by 
