CVE-2024-0420

The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title when outputting it back in the admin dashboard, allowing Contributors and above roles to perform Stored Cross-Site Scripting attacks...

CVE-2024-0420

MapPress Maps for WordPress Plugin prior to 2.88.15 is affected by a Stored XSS vulnerability: the map title is not sanitized/escaped when output in the admin dashboard, allowing Contributors and higher roles to inject exploits. Impact details reported across multiple sources (including Red Hat, ...

WordPress Plugin MapPress Maps Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability previously existed...

PT-2024-15543 · WordPress · Mappress Maps

Name of the Vulnerable Software and Affected Versions: MapPress Maps for WordPress versions prior to 2.88.15 Description: The issue allows Contributors and above roles to perform Stored Cross-Site Scripting attacks due to the lack of sanitization and escaping of the map title when it is outputted...