Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 12 Jan 2016 21:02:42 +0530
From: Rahul Pratap Singh <>
Subject: CVE Request: WP Symposium Pro Social Network Plugin 16.1 XSS Vulnerability


#Product : WP Symposium Pro Social Network plugin
#Home page Link :
#Version : 16.1
#Date : 12/Jan/2016

XSS Vulnerability:


“user_id” parameter is not sanitized, that leads to reflected xss.


Update to version 16.01.01

Disclosure Timeline:

reported to vendor : 12/1/2016
vendor response : 12/1/2016
vendor acknowledged : 12/1/2016
vendor deployed a patch: 12/1/2016

Pub Ref:

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ