Unrated severityNVD Advisory· Published Dec 24, 2014· Updated Jun 17, 2026
CVE-2014-8810
CVE-2014-8810
Description
SQL injection vulnerability in ajax/mail_functions.php in the WP Symposium plugin before 14.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tray parameter in a getMailMessage action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:wpsymposiumpro:wp_symposium:*:*:*:*:*:wordpress:*:*Range: <=14.10
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.