4 matches found
CVE-2024-9235
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2024-9235
creationtimestamp| type| source ---|---|--- 2024-10-25 10:23:24+00:00| seen| https://t.me/cvedetector/8892 2026-07-05 11:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpvgoc6fpw2a...
CVE-2024-9235 Mapster WP Maps <= 1.5.0 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Options Update
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...
WordPress Mapster WP Maps Plugin <= 1.5.0 is vulnerable to Settings Change
Software Mapster WP Maps Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.6.0 OWASP Top 10 A3: Injection Classification Settings Change CVE CVE-2024-9235 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID b9bebd7cfde8 Credits Sean Murphy Required privilege Contributor...