CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6522

SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attackers to execute arbitrary SQL commands via the size parameter to get_album_item.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.782

EPSS Ranking 99.0%

CVSS Severity

CVSS v2 Score 7.5

References

https://wpvulndb.com/vulnerabilities/8140
https://www.exploit-db.com/exploits/37824/
https://wpvulndb.com/vulnerabilities/8140
https://www.exploit-db.com/exploits/37824/

Products affected by CVE-2015-6522

Wpsymposium » Wp Symposium » Version: 13.02

cpe:2.3:a:wpsymposium:wp_symposium:13.02
Wpsymposium » Wp Symposium » Version: 13.04

cpe:2.3:a:wpsymposium:wp_symposium:13.04
Wpsymposium » Wp Symposium » Version: 14.10

cpe:2.3:a:wpsymposium:wp_symposium:14.10
Wpsymposium » Wp Symposium » Version: 14.11

cpe:2.3:a:wpsymposium:wp_symposium:14.11
Wpsymposium » Wp Symposium » Version: 15.2

cpe:2.3:a:wpsymposium:wp_symposium:15.2
Wpsymposium » Wp Symposium » Version: 15.7

cpe:2.3:a:wpsymposium:wp_symposium:15.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6522

Products

Pricing

Contact Us