What is CVE-2014-8809?

CVE-2014-8809 is a vulnerability in Wpsymposiumpro Wp_symposium, classified under Cross-site Scripting. Published 2014-12-24.

Is CVE-2014-8809 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Wpsymposiumpro Wp_symposium

CVE-2014-8809

Multiple cross-site scripting (XSS) vulnerabilities in the WP Symposium plugin before 14.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) text parameter in an addComment action to ajax/profile_func…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (58.3th percentile) — read the EPSS interpretation.

Affected products

Wpsymposiumpro Wp_symposium
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

20142995/nuclei-templates

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2014-8809?: CVE-2014-8809 is a vulnerability in Wpsymposiumpro Wp_symposium, classified under Cross-site Scripting. Published 2014-12-24.
Is CVE-2014-8809 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.