Description
WordPress Plugin WP Symposium is prone to an open redirect vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin WP Symposium version 13.04 is vulnerable; prior versions may also be affected.
Remediation
Update to the latest version
References
Related Vulnerabilities
WordPress Plugin Build App Online SQL Injection (1.0.18)
WordPress Plugin Entries For WPForms SQL Injection (1.4.0)
WordPress Plugin Invoicing with InvoiceXpress for WooCommerce-Free Cross-Site Scripting (3.0.2)
WordPress Plugin MyBB Cross-Poster Cross-Site Scripting (1.0)
WordPress Plugin post highlights 'ph_settings.php' SQL Injection (2.2)