Description
WordPress Plugin WP Symposium is prone to an open redirect vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin WP Symposium version 13.12 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 14.02 or latest
References
Related Vulnerabilities
Drupal Resource Management Errors Vulnerability (CVE-2014-5266)
WordPress Plugin ListingPro SQL Injection (2.9.3)
Oracle Database Server CVE-2006-0260 Vulnerability (CVE-2006-0260)
WordPress Plugin Relevant-Related Posts by BestWebSoft Cross-Site Scripting (1.0.7)
WordPress Plugin Contact Form Widget-Contact Query, Form Maker SQL Injection (1.0.9)