Lucene search
Vlad Visse (Patchstack Red Team)PATCHSTACK:3F5E5DA55E1D103D32AE30645FC5B335HistoryJun 15, 2021 - 12:00 a.m.
WordPress WP Google Maps plugin <= 8.1.12 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities
2021-06-1500:00:00
Vlad Visse (Patchstack Red Team)
patchstack.com
7
0.0004 Low
EPSS
Percentile
15.9%
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities discovered by Vlad Visse (Patchstack Red Team) in WordPress WP Google Maps plugin (versions <= 8.1.12). Vulnerable parameters: &dataset_name, &wpgmza_gdpr_retention_purpose, &wpgmza_gdpr_company_name, &name #2, &name, &polyname #2, &polyname, &address.
Solution
Update the WordPress WP Google Maps plugin to the latest available version (at least 8.1.13).
| CPE | Name | Operator | Version |
|---|---|---|---|
| wp google maps | le | 8.1.12 |
Related
wpvulndb
wpvulndb
WP Google Maps < 8.1.13 - Multiple Admin+ Stored Cross-Site Scripting
2021-06-15 00:00:00
openvas
openvas
WordPress Google Maps Plugin < 8.1.13 XSS Vulnerability
2021-09-30 00:00:00
prion
prion
Cross site scripting
2021-09-09 12:15:00
nvd
nvd
CVE-2021-36870
2021-09-09 12:15:09
cve
cve
CVE-2021-36870
2021-09-09 12:15:09
cvelist
cvelist