CVE-2021-47927

CVE-2021-47927 affects the WordPress plugin WP Symposium Pro (version 2021.10). It describes a stored cross-site scripting (XSS) vulnerability in the wps_admin_forum_add_name parameter used during admin setup: authenticated attackers can submit a JavaScript payload via POST, which is stored and e...

CVE-2021-47927

WordPress Plugin WP Symposium Pro 2021.10 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting insufficient sanitization of the forum name parameter. Attackers can submit POST requests to the admin setup page with...

PT-2026-39503

WordPress Plugin WP Symposium Pro 2021.10 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting insufficient sanitization of the forum name parameter. Attackers can submit POST requests to the admin setup page with...

EUVD-2014-8640

Malware in sbrugna...

EUVD-2015-9254

Malware in sbrugna...

EUVD-2014-8639

Malware in sbrugna...

EUVD-2011-3798

Malware in sbrugna...

EUVD-2015-3371

Malware in sbrugna...

EUVD-2011-4954

Malware in sbrugna...

EUVD-2013-2633

Malware in sbrugna...

EUVD-2013-2634

Malware in sbrugna...

CVE-2015-9414

The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter...

WordPress WP Symposium Pro 2021.10 Plugin - (wps_admin_forum_add_name) XSS Vulnerability

Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wpsadminforumaddname' Stored Cross-Site Scripting XSS Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.wpsymposiumpro.com/ Software Link: https://wordpress.org/plugins/wp-symposium-pro/ Version: 2021.10 Tested o...

WordPress WP Symposium Pro 2021.10 Cross Site Scripting

Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wpsadminforumaddname' Stored Cross-Site Scripting XSS Date: 11/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.wpsymposiumpro.com/ Software Link: https://wordpress.org/plugins/wp-symposium-pro/ Version:...

WordPress Plugin WP Symposium Pro 2021.10 - 'wps_admin_forum_add_name' Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wpsadminforumaddname' Stored Cross-Site Scripting XSS Date: 11/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.wpsymposiumpro.com/ Software Link: https://wordpress.org/plugins/wp-symposium-pro/ Version:...

CVE-2015-9414

The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter...

Code injection

The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter...

CVE-2015-9414

WordPress WP Symposium plugin (

CVE-2015-9414

The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter...

WordPress Symposium Plugin SQL Injection

This module exploits a SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress, which allows remote attackers to extract credentials via the size parameter to getalbumitem.php. This module requires Metasploit: https://metasploit.com/download Current source:...