CVE-2014-10021
Published 2015-01-13
Priority: P1 · 81 · high · CVSS 2.0 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Tags: ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 59.97% (99.0th percentile)
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wpsymposiumpro | wp_symposium | — | — |
Detection & IOCs (extracted from sources)
- Monitor POST requests to /wp-content/plugins/wp-symposium/server/php/index.php: this endpoint performs no extension validation and accepts arbitrary file uploads, including .php files.
- Detect multipart upload requests containing the boundary string '----------lImIt_of_THE_fIle_eW_$' as a signature of the public exploit tool.
- Alert on POST requests to the wp-symposium server/php path that include a 'files[]' field with a .php filename: this is the direct shell upload vector.
- After upload, attackers make a direct GET request to the uploaded .php file under the wp-symposium server/php directory to execute it; monitor for GET requests to .php files in that path.
- Use the Google dork 'index of "wp-symposium"' to identify exposed WordPress installations running the vulnerable plugin for proactive scanning.
- The Metasploit module checks for plugin version < 14.12 via the readme; flag installations of wp-symposium at version 14.11 or earlier.
- The same unprotected upload endpoint also exists under the mobile-files path; detection rules must cover both /server/php/ and /mobile-files/server/php/.
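The detection points above can be combined into one correlation rule: a POST to the upload handler (under either server/php/ or mobile-files/server/php/), the public exploit's boundary string, a 'files[]' part carrying an executable extension, and a follow-up GET from the same client to a .php file in that directory. The script below is an added example, not a rule shipped by any of the sources on this page; the request records are constructed samples standing in for WAF or reverse-proxy logs, and the rule names, the client IPs and the extra PHP extensions beyond .php are assumptions.

```python
import re
from collections import defaultdict

# Constructed request records (sample input, not captured traffic). A WAF or
# reverse-proxy log that keeps the Content-Type header and body is assumed.
REQUESTS = [
    {"ip": "198.51.100.7", "method": "POST",
     "path": "/wp-content/plugins/wp-symposium/server/php/index.php",
     "content_type": "multipart/form-data; boundary=----------lImIt_of_THE_fIle_eW_$",
     "body": ('------------lImIt_of_THE_fIle_eW_$\r\n'
              'Content-Disposition: form-data; name="files[]"; filename="shell.php"\r\n'
              'Content-Type: application/octet-stream\r\n\r\n'
              '<?php system($_GET["cmd"]); ?>\r\n'
              '------------lImIt_of_THE_fIle_eW_$--\r\n')},
    {"ip": "198.51.100.7", "method": "GET",
     "path": "/wp-content/plugins/wp-symposium/server/php/shell.php?cmd=id",
     "content_type": "", "body": ""},
    # A benign image upload through the mobile-files path: only the
    # informational endpoint rule should fire for this one.
    {"ip": "203.0.113.9", "method": "POST",
     "path": "/wp-content/plugins/wp-symposium/mobile-files/server/php/index.php",
     "content_type": "multipart/form-data; boundary=WebKitFormBoundaryabc",
     "body": ('--WebKitFormBoundaryabc\r\n'
              'Content-Disposition: form-data; name="files[]"; filename="avatar.jpg"\r\n'
              'Content-Type: image/jpeg\r\n\r\n\xff\xd8\xff\r\n'
              '--WebKitFormBoundaryabc--\r\n')},
]

# Both upload handler locations named in the Detection list.
UPLOAD_ENDPOINT = re.compile(
    r"^/wp-content/plugins/wp-symposium/(?:mobile-files/)?server/php/index\.php$",
    re.IGNORECASE)
# Any .php file served from the same directory (the uploaded shell being fetched).
UPLOAD_DIR_PHP = re.compile(
    r"^/wp-content/plugins/wp-symposium/(?:mobile-files/)?server/php/[^/?]+\.php$",
    re.IGNORECASE)
# Boundary used by the public exploit tool (from the Trustwave honeypot write-up).
EXPLOIT_BOUNDARY = "----------lImIt_of_THE_fIle_eW_$"
# The 'files[]' part name the handler reads; capture the client-supplied filename.
FILENAME_RE = re.compile(r'name="files\[\]";\s*filename="([^"]*)"', re.IGNORECASE)
# .php is the extension from the advisory; the others are an assumed extension of
# the rule to cover alternate PHP handler mappings.
EXECUTABLE_EXT = (".php", ".phtml", ".php3", ".php4", ".php5", ".phar")


def analyze(requests):
    """Return (rule, client_ip, detail) alerts for the request stream, including a
    correlated upload-then-execute alert when one client uploads a PHP file and
    later fetches a file of that name from the upload directory."""
    alerts = []
    uploaded = defaultdict(set)  # client ip -> PHP filenames it uploaded
    for r in requests:
        path = r["path"].split("?", 1)[0]
        if r["method"] == "POST" and UPLOAD_ENDPOINT.match(path):
            # Informational: every POST to the handler, benign uploads included.
            alerts.append(("wpsymposium-upload-endpoint", r["ip"], path))
            if EXPLOIT_BOUNDARY in r["content_type"] or EXPLOIT_BOUNDARY in r["body"]:
                alerts.append(("wpsymposium-public-exploit-boundary", r["ip"], path))
            for fname in FILENAME_RE.findall(r["body"]):
                if fname.lower().endswith(EXECUTABLE_EXT):
                    alerts.append(("wpsymposium-php-upload", r["ip"], fname))
                    uploaded[r["ip"]].add(fname)
        elif (r["method"] == "GET" and UPLOAD_DIR_PHP.match(path)
              and not path.lower().endswith("/index.php")):
            alerts.append(("wpsymposium-uploaded-php-access", r["ip"], path))
            if path.rsplit("/", 1)[-1] in uploaded[r["ip"]]:
                alerts.append(("wpsymposium-upload-then-execute", r["ip"], path))
    return alerts


if __name__ == "__main__":
    for rule, ip, detail in analyze(REQUESTS):
        print(f"{rule:40} {ip:15} {detail}")
```

The endpoint rule is deliberately noisy (it is the "monitor" item, not the "alert" item); the boundary, .php filename and upload-then-execute rules are the ones worth paging on. Running the block against the constructed records raises all four high-value rules for 198.51.100.7 and only the informational endpoint rule for the benign mobile-files upload.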
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vulncheck | — | 7.5 | HIGH | — |
GHSA
GHSA-8w8v-qp73-2wwg: Unrestricted file upload vulnerability in UploadHandler (HIGH)
ghsa, unreviewed · 2022-05-14
Description: identical to the NVD text above (unrestricted file upload in UploadHandler.php of WP Symposium 14.11, executed via a direct request to the file in server/php/).
VulnCheck
wpsymposiumpro wp_symposium: Unrestricted Upload of File with Dangerous Type (HIGH)
vulncheck · 2014 · CVSS 7.5
Description: identical to the NVD text above.
Affected: wpsymposiumpro wp_symposium
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-alert-wordpress-wp-symposium-14.11-unauthenticated-shell-upload-exploit-attempt/
No detection rules found.
Exploit-DB
WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload (Metasploit)
exploitdb · 2015-01-13
---
The module source as carried by Exploit-DB is cut off in this copy after the description; the standard Metasploit3 class header, which the extraction had collapsed into the 'Name' line, is restored here.

```ruby
##
# This module requires Metasploit: http://www.metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
  def initialize(info = {})
    super(update_info(info,
      'Name'        => 'WordPress WP Symposium 14.11 Shell Upload',
      'Description' => %q{WP Symposium Plugin for WordPress contains a
        flaw that allows a remote attacker to execute
        arbitrary PHP code. This flaw exists because the
        /wp-symposium/server/file_upload_form.php script
        does not properly verify or sanitize
        user-uploaded files. By uploading a .php file,
        the remote system will place the file in a
        user-accessible path. Making a direct request to
        the uploaded file will allow the attacker to
        execute the script with the privileges of the
        web server.},
      'Licen
```
Exploit-DB
WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload
exploitdb · 2014-12-15
---
The standalone Python exploit as carried by Exploit-DB; this copy is cut off inside the header comment.

```python
#!/usr/bin/python
#
# Exploit Name: WordPress WP Symposium 14.11 Shell Upload Vulnerability
#
# Vulnerability discovered by Claudio Viviani
# Exploit written by Claudio Viviani
#
# 2014-11-27: Discovered vulnerability
# 2014-12-01: Vendor Notification (Twitter)
# 2014-12-02: Vendor Notification (Web Site)
# 2014-12-04: Vendor Notification (E-mail)
# 2014-12-11: No Response/Feedback
# 2014-12-11: Published
#
# Video Demo + Fix: https://www.youtube.com/watch?v=pF8lIuLT6Vs
#
# --------------------------------------------------------------------
#
# The upload function located on "/wp-symposium/server/file_upload_form.php" is protected:
#
# if ($_FILES["file"]["error"] > 0) {
#     echo "Error: " . $_FILES["file"]["error"] .
```
Metasploit
WordPress WP Symposium 14.11 Shell Upload
metasploit
WP Symposium Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /wp-symposium/server/file_upload_form.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server.
Note that this module description names /wp-symposium/server/file_upload_form.php, whereas the CVE text and the Detection list above place the unauthenticated upload in the plugin's server/php/ directory (UploadHandler.php, reached through index.php), and the public exploit's own header describes file_upload_form.php as the protected upload function. The server/php/ handler is the path to watch.
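The Metasploit module's version check, which the Detection list turns into the rule "flag wp-symposium at 14.11 or earlier", reads the plugin readme and compares the advertised version against 14.12. The block below reproduces that check offline as an added example; it is not the Metasploit module's or the plugin's code. The readme text is a constructed sample, the readme_url helper is an assumption built from the plugin directory name seen in the upload path above, and 14.12 is taken from the module's "< 14.12" check as described on this page.

```python
import re

# Constructed sample of a WordPress plugin readme.txt header (not a real capture).
# WordPress readmes carry a "Stable tag:" line advertising the shipped version,
# which is what a readme-based version check reads.
SAMPLE_README = """=== WP Symposium ===
Contributors: wpsymposium
Tags: social network, forum, profile
Requires at least: 3.5
Tested up to: 4.0
Stable tag: 14.11
"""

# First version the Metasploit check treats as not vulnerable (it flags < 14.12).
FIXED_VERSION = "14.12"


def readme_url(site):
    """Assumed readme location: the plugin directory name from the upload
    endpoint path plus the conventional readme.txt filename."""
    return site.rstrip("/") + "/wp-content/plugins/wp-symposium/readme.txt"


def parse_version(text):
    """Turn '14.11' into (14, 11) so that components compare numerically.
    A plain string comparison would rank '14.9' above '14.12'."""
    return tuple(int(p) for p in re.findall(r"\d+", text))


def stable_tag(readme):
    """Return the value of the 'Stable tag:' line, or None if it is absent."""
    m = re.search(r"^Stable tag:\s*(\S+)", readme, re.MULTILINE | re.IGNORECASE)
    return m.group(1) if m else None


def is_vulnerable(readme, fixed=FIXED_VERSION):
    """True when the readme advertises a version below the fixed one, False
    when it does not, None when the version cannot be determined (no tag, or
    the WordPress placeholder 'trunk'), which should go to manual review."""
    tag = stable_tag(readme)
    if tag is None or tag.lower() == "trunk":
        return None
    return parse_version(tag) < parse_version(fixed)


if __name__ == "__main__":
    print(readme_url("https://example.invalid"),
          "stable tag:", stable_tag(SAMPLE_README),
          "vulnerable:", is_vulnerable(SAMPLE_README))
```

The tuple comparison matters for this plugin line specifically: version strings such as 14.9 and 14.11 sit on either side of the fix, and a lexical comparison would misclassify them.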
arXiv
ATTACK2VEC: Leveraging Temporal Word Embeddings to Understand the Evolution of Cyberattacks
arxiv_fulltext · 2019-05-29
Abstract
Despite the fact that cyberattacks are constantly growing in complexity, the research community still lacks effective tools to easily monitor and understand them.
In particular, there is a need for techniques that are able to not only track how prominently certain malicious actions, such as the exploitation of specific vulnerabilities, are exploited in the wild, but also (and more importantly) how these malicious actions factor in as attack steps in more complex cyberattacks.
In this paper we present ATTACK2VEC, a system that uses temporal word embeddings to model how attack steps are exploited in the wild, and track how they evolve.
We test ATTACK2VEC on a dataset of billions of security events collected from the c