Intrusion Prevention

WordPress.Symposium.Plugin.SQL.Injection

Description

This indicates an attack attempt to exploit a SQL Injection vulnerability in Wordpress plugin WP-Symposium.
The vulnerability is a result of the application's failure to properly sanitize user input via HTTP request before using it in a SQL query. As a result, a remote attacker can send a crafted HTTP request to execute SQL commands on a vulnerable server.

Affected Products

Wordpress plugin WP-Symposium version 15.5.1 and prior

Impact

System Compromise: Remote attackers can access or modify data in the database of the affected application.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://wpvulndb.com/vulnerabilities/8140

CVE References

CVE-2015-6522