CVE-2023-2899

creationtimestamp| type| source ---|---|--- 2023-06-19 14:31:29+00:00| seen| https://t.me/cibsecurity/65337...

CVE-2023-2899 Google Map Shortcode <= 3.1.2 - Contributor+ Stored XSS

The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2023-2899

CVE-2023-2899 affects Google Map Shortcode WordPress plugin up to version 3.1.2. It allows Stored XSS by not validating/escaping certain shortcode attributes output back to the page, enabling attacks against admin/high-privilege users via low-privilege (Contributor+) accounts. Public details conf...

CVE-2023-2899 Google Map Shortcode <= 3.1.2 - Contributor+ Stored XSS

The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

WordPress Google Map Shortcode Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Google Map Shortcode Type Plugin Vulnerable versions = 3.1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2899 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c83d68b2188f Credits Lana Codes...