WordPress Plugin Vulnerabilities

WP Symposium <= 14.10 - XSS & SQL Injection

Description

The wp-symposium WordPress plugin was affected by a XSS & SQL Injection security vulnerability.

Affects Plugins

Plugin icon
wp-symposium
Fixed in 14.11

References

CVE
CVE-2014-8810
CVE
CVE-2014-8809
Exploitdb
35505
URL
https://security.szurek.pl/wp-symposium-1410-multiple-xss-and-sql-injection.html

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
e01602f6-33ac-43c7-a969-ca6cf48ff3c7

Timeline

Publicly Published
2014-11-26 (about 11 years ago)
Added
2014-12-09 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2019-06-19
Title
Shortlinks by Pretty Links <= 2.1.9 - Stored XSS and CSV Injection
Published
2016-08-24
Title
CYSTEME Finder <= 1.3 - Unauthenticated LFI and Unauthenticated File Upload
Published
2017-05-31
Title
Simple Slideshow Manager <= 2.3 – Multiple Vulnerabilities
Published
2020-03-17
Title
Custom Post Type UI < 1.7.4 - CSRF to Stored XSS
Published
2015-05-04
Title
Ultimate Product Catalogue <= 3.1.4 - Multiple Vulnerabilities