132 matches found
CVE-2023-4839
The WP Go Maps for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.0.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to...
Cross site scripting
The WP Go Maps for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.0.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to...
CVE-2024-1582
CVE-2024-1582 affects the WordPress plugin WP Go Maps (formerly WP Google Maps). It allows Stored XSS through the plugin’s wpgmza shortcode; exploited via user-supplied attributes due to insufficient input sanitization and output escaping. Affected versions: all prior to and including 9.0.32. Imp...
CVE-2023-4839
CVE-2023-4839 summary (WP Go Maps for WordPress) The WP Go Maps (WP Google Maps) plugin is affected by a Stored XSS in admin settings, present in versions up to and including 9.0.32. The vulnerability stems from insufficient input sanitization and output escaping, enabling an authenticated attack...
PT-2024-13609 · WordPress · Wp Go Maps
Name of the Vulnerable Software and Affected Versions: WP Go Maps for WordPress versions up to, and including, 9.0.32 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This allows authenticated attackers...
WordPress Plugin WP Go Maps Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Plugin WP Go Maps Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-18148 · WordPress · Wp Go Maps
Name of the Vulnerable Software and Affected Versions: WP Go Maps plugin for WordPress versions up to, and including, 9.0.32 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's 'wpgmza' shortcode, allowing authenticate...
WordPress WP Go Maps Plugin <= 9.0.32 is vulnerable to Cross Site Scripting (XSS)
Software WP Go Maps Type Plugin Vulnerable versions = 9.0.32 Fixed in 9.0.33 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1582 Patch priority Low CVSS severity Low 6.5 Developer WP Go Maps PSID 69b3a77b21e0 Credits Richard Telleng stueotue Require...
WordPress WP Go Maps Plugin <= 9.0.32 is vulnerable to Cross Site Scripting (XSS)
Software WP Go Maps Type Plugin Vulnerable versions = 9.0.32 Fixed in 9.0.33 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4839 Patch priority Low CVSS severity Low 5.9 Developer WP Go Maps PSID af68c0d0cee5 Credits Marco Wotschka - Wordfence...
CVE-2023-6697
The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
Cross site scripting
The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2023-6697
The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2023-6697
WP Go Maps (formerly WP Google Maps) for WordPress is affected by a Reflected XSS in map_id across all versions up to 9.0.28 due to insufficient input sanitization and output escaping. This can allow unauthenticated attackers to inject arbitrary scripts into pages executed by users who click mani...
CVE-2023-6697 WP Go Maps (formerly WP Google Maps) <= 9.0.28 - Reflected Cross-Site Scripting
The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
WordPress Plugin WP Go Maps Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress WP Go Maps Plugin <= 9.0.28 is vulnerable to Cross Site Scripting (XSS)
Software WP Go Maps Type Plugin Vulnerable versions = 9.0.28 Fixed in 9.0.29 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6697 Patch priority Medium CVSS severity Medium 7.1 Developer WP Go Maps PSID a5d68fb003d8 Credits Nex Team Required privileg...
CVE-2023-6627
The WP Go Maps formerly WP Google Maps WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site...
CVE-2023-6627 WP Go Maps < 9.0.28 - Unauthenticated Stored XSS
The WP Go Maps formerly WP Google Maps WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site...
CVE-2023-6627
The CVE-2023-6627 entry concerns the WP Go Maps (formerly WP Google Maps) WordPress plugin and a vulnerability in versions prior to 9.0.28. The issue is that most REST API routes are not properly protected, allowing unauthenticated attackers to store malicious HTML/JavaScript on a site via the af...