MEDIUM
Wpsymposiumpro
CVE published 2026-05-10
CVE-2021-47927
CVE-2021-47927 is a stored cross-site scripting vulnerability in the WordPress plugin WP Symposium Pro 2021.10. The supplied description says an authenticated attacker can send a crafted POST request to the admin setup page using the wps_admin_forum_add_name parameter, where insufficient sanitization allows a malicious script to be stored and later executed when the forum is viewed. NVD lists the issue as [truncated]