WordPress WP Symposium Plugin 'tray' SQL Injection Vulnerability
WordPress WP Symposium plugins are web plugins that add social features. WP Symposium fails to properly filter the value of the 'tray' POST parameter in wp-symposium/ajax/mailfunctions.php when action is set to getMailMessage and mid is set to a valid message ID, allowing attackers to inject...