Lucene search
+L

132 matches found

NVD
NVD
added 2024/03/13 2:15 a.m.26 views

CVE-2023-4839

The WP Go Maps for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.0.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to...

4.8CVSS4.3AI score0.00342EPSS
Exploits0References2
Prion
Prion
added 2024/03/13 2:15 a.m.29 views

Cross site scripting

The WP Go Maps for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.0.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to...

3.2CVSS6.1AI score0.00342EPSS
Exploits0References2
CVE
CVE
added 2024/03/13 1:57 a.m.52 views

CVE-2024-1582

CVE-2024-1582 affects the WordPress plugin WP Go Maps (formerly WP Google Maps). It allows Stored XSS through the plugin’s wpgmza shortcode; exploited via user-supplied attributes due to insufficient input sanitization and output escaping. Affected versions: all prior to and including 9.0.32. Imp...

6.4CVSS6AI score0.0032EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/03/13 1:57 a.m.50 views

CVE-2023-4839

CVE-2023-4839 summary (WP Go Maps for WordPress) The WP Go Maps (WP Google Maps) plugin is affected by a Stored XSS in admin settings, present in versions up to and including 9.0.32. The vulnerability stems from insufficient input sanitization and output escaping, enabling an authenticated attack...

4.8CVSS5AI score0.00342EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.11 views

PT-2024-13609 · WordPress · Wp Go Maps

Name of the Vulnerable Software and Affected Versions: WP Go Maps for WordPress versions up to, and including, 9.0.32 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This allows authenticated attackers...

4.8CVSS8AI score0.00342EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.8 views

WordPress Plugin WP Go Maps Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.8CVSS5.9AI score0.00342EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.5 views

WordPress Plugin WP Go Maps Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.9AI score0.0032EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.14 views

PT-2024-18148 · WordPress · Wp Go Maps

Name of the Vulnerable Software and Affected Versions: WP Go Maps plugin for WordPress versions up to, and including, 9.0.32 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's 'wpgmza' shortcode, allowing authenticate...

6.4CVSS9.4AI score0.0032EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/03/12 12:0 a.m.10 views

WordPress WP Go Maps Plugin <= 9.0.32 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.32 Fixed in 9.0.33 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1582 Patch priority Low CVSS severity Low 6.5 Developer WP Go Maps PSID 69b3a77b21e0 Credits Richard Telleng stueotue Require...

6.4CVSS5.7AI score0.0032EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/03/12 12:0 a.m.15 views

WordPress WP Go Maps Plugin <= 9.0.32 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.32 Fixed in 9.0.33 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4839 Patch priority Low CVSS severity Low 5.9 Developer WP Go Maps PSID af68c0d0cee5 Credits Marco Wotschka - Wordfence...

4.8CVSS5.7AI score0.00342EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/01/24 2:15 p.m.4 views

CVE-2023-6697

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS5.9AI score0.0104EPSS
Exploits0References2
Prion
Prion
added 2024/01/24 2:15 p.m.22 views

Cross site scripting

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

5.8CVSS6.6AI score0.0104EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/24 1:52 p.m.4 views

CVE-2023-6697

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS6.2AI score0.0104EPSS
Exploits0References2
CVE
CVE
added 2024/01/24 1:52 p.m.57 views

CVE-2023-6697

WP Go Maps (formerly WP Google Maps) for WordPress is affected by a Reflected XSS in map_id across all versions up to 9.0.28 due to insufficient input sanitization and output escaping. This can allow unauthenticated attackers to inject arbitrary scripts into pages executed by users who click mani...

6.1CVSS6.3AI score0.0104EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/01/24 1:52 p.m.29 views

CVE-2023-6697 WP Go Maps (formerly WP Google Maps) <= 9.0.28 - Reflected Cross-Site Scripting

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS6.1AI score0.0104EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/24 12:0 a.m.6 views

WordPress Plugin WP Go Maps Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS6.1AI score0.0104EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/01/24 12:0 a.m.12 views

WordPress WP Go Maps Plugin <= 9.0.28 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.28 Fixed in 9.0.29 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6697 Patch priority Medium CVSS severity Medium 7.1 Developer WP Go Maps PSID a5d68fb003d8 Credits Nex Team Required privileg...

6.1CVSS5.9AI score0.0104EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/01/08 7:15 p.m.5 views

CVE-2023-6627

The WP Go Maps formerly WP Google Maps WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site...

6.1CVSS5.8AI score0.00619EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2024/01/08 7:0 p.m.2 views

CVE-2023-6627 WP Go Maps < 9.0.28 - Unauthenticated Stored XSS

The WP Go Maps formerly WP Google Maps WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site...

6.4AI score0.00619EPSS
Exploits2References2
CVE
CVE
added 2024/01/08 7:0 p.m.121 views

CVE-2023-6627

The CVE-2023-6627 entry concerns the WP Go Maps (formerly WP Google Maps) WordPress plugin and a vulnerability in versions prior to 9.0.28. The issue is that most REST API routes are not properly protected, allowing unauthenticated attackers to store malicious HTML/JavaScript on a site via the af...

6.1CVSS6.4AI score0.00619EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder