Hannes Trunde

**Name of the Vulnerable Software and Affected Versions** WordPress Community Events plugin versions prior to 1.4 **Description** The issue is related to a SQL injection vulnerability. **Recommendations** For WordPress Community Events plugin versions prior to 1.4, update to version 1.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WordPress Tune Library plugin versions prior to 1.5.5 **Description** A SQL injection issue has been identified. **Recommendations** For WordPress Tune Library plugin versions prior to 1.5.5, update to version 1.5.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WP Symposium plugin versions prior to 15.4 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `show` parameter in the QUERY STRING to the default URI in the `forum.php` file. **Recommendations** For WP Symposium plugin versions prior to 15.4, update to version 15.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the `forum.php` file to minimize the risk of exploitation. Avoid using the `show` parameter in the QUERY STRING until the issue is resolved.