Wordpress Plugin Exploit: Wp-Symposium

This is a wordpress exploit that COMODO WAF didn’t stoped. My antivirus rule stoped this attack instead.

Information on the exploit:

The CPANEL Modsecurity TOOLS log:
900: COMODO WAF: VIRUS or MALWARE content was found in uploaded file
Request: POST /wp-content/plugins/wp-symposium/server/php/index.php
Action Description:

The site logs: - - [20/Feb/2015:12:44:00 +0000] “POST /wp-content/plugins/wp-symposium/server/php/index.php HTTP/1.1” 301 - “-” “Mozilla/5.0 (Windows NT 6.1; rv:36.0) Gecko/20100101 Firefox/36.0”

Thank you, we will check this issue.