Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Leaflet Map Security Vulnerabilities

cve
cve

CVE-2023-5050

The Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level and above permissions to...

5.4CVSS

6.1AI Score

0.001EPSS

2023-10-20 07:15 AM
25
cve
cve

CVE-2023-31074

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in hupe13 Extensions for Leaflet Map plugin <= 3.4.1...

6.1CVSS

6AI Score

0.0005EPSS

2023-08-17 11:15 AM
10
cve
cve

CVE-2021-24467

The Leaflet Map WordPress plugin before 3.0.0 does not verify the CSRF nonce when saving its settings, which allows attackers to make a logged in admin update the settings via a Cross-Site Request Forgery attack. This could lead to Cross-Site Scripting issues by either changing the URL of the...

6.5CVSS

6.2AI Score

0.001EPSS

2021-08-09 10:15 AM
26
cve
cve

CVE-2021-24468

The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS...

5.4CVSS

5.2AI Score

0.001EPSS

2021-08-02 11:15 AM
18
3