ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Symposium Plugin <= 13.03 - Open Redirection

Product
Symposium
Description
Because of this vulnerability in invite.php, the attackers can redirect users to arbitrary web sites and conduct phishing attacks via a URL in the "u" parameter.
Solution
Update the plugin.
Classification
Type Open Redirection
References
CVE Mitre
CVE
Name CVE-2013-2694
Versions
Affected In <= 13.03
Fixed In 13.04
Disclosure date
2013-03-26
Credits
Charlie Eriksen