Lucene search
Vlad Visse (Patchstack Red Team)PATCHSTACK:2B8238AA1D7FDB82EDADA262821DD2AFHistoryJun 15, 2021 - 12:00 a.m.
WordPress WP Google Maps Pro premium plugin <= 8.1.11 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities
2021-06-1500:00:00
Vlad Visse (Patchstack Red Team)
patchstack.com
4
0.001 Low
EPSS
Percentile
22.9%
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities discovered by Vlad Visse (Patchstack Red Team) in WordPress WP Google Maps Pro premium plugin (versions <= 8.1.11). Vulnerable parameters: &wpgmaps_marker_category_name, Value > &attributes[], Name > &attributes[], &icons[], &names[], &description, &link, &title.
Solution
Update the WordPress WP Google Maps Pro premium plugin to the latest available version (at least 8.1.12).
| CPE | Name | Operator | Version |
|---|---|---|---|
| wp google maps pro | le | 8.1.11 |
Related
cve
cve
CVE-2021-36871
2021-09-09 12:15:09
wpvulndb
wpvulndb
WP Google Maps Pro < 8.1.12 - Multiple Admin+ Stored Cross-Site Scripting
2021-06-15 00:00:00
prion
prion
Cross site scripting
2021-09-09 12:15:00
cvelist
cvelist
nvd
nvd
CVE-2021-36871
2021-09-09 12:15:09
openvas
openvas
WordPress Google Maps Plugin < 8.1.12 Multiple XSS Vulnerabilities
2021-09-30 00:00:00