CVE-2015-6522

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP Symposium
Vendor: CVE Published:; 19 August 2015

Summary

SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the size parameter to get_album_item.php.

References

https://www.exploit-db.com/exploits/37824/

exploitx_refsource_EXPLOIT-DB

https://wpvulndb.com/vulnerabilities/8140

x_refsource_MISC

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 19, 2015
Vulnerability Reserved
Aug 19, 2015