Lucene search
K

131 matches found

Patchstack
Patchstack
added 2024/06/13 12:16 p.m.5 views

WordPress WP Go Maps plugin <= 9.0.38 - Authenticated Stored Cross-Site Scripting vulnerability

Authenticated Stored Cross-Site Scripting vulnerability discovered by Tim Coen in WordPress Plugin WP Go Maps versions = 9.0.38...

6.4CVSS5.8AI score0.00367EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/24 6:32 a.m.11 views

WordPress WP Go Maps (formerly WP Google Maps) plugin <= 9.0.36 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Thanh Nam Tran in WordPress Plugin WP Go Maps versions = 9.0.36...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/05/24 5:15 a.m.6 views

CVE-2024-3557

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpgmza shortcode in all versions up to, and including, 9.0.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

5.4CVSS5.9AI score0.00325EPSS
Exploits0References3
NVD
NVD
added 2024/05/24 5:15 a.m.28 views

CVE-2024-3557

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpgmza shortcode in all versions up to, and including, 9.0.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

6.4CVSS5.9AI score0.00325EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/24 4:29 a.m.32 views

CVE-2024-3557 WP Go Maps (formerly WP Google Maps) <= 9.0.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpgmza shortcode in all versions up to, and including, 9.0.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

6.4CVSS5.9AI score0.00325EPSS
Exploits0References3
CVE
CVE
added 2024/05/24 4:29 a.m.74 views

CVE-2024-3557

CVE-2024-3557 refers to a Stored Cross-Site Scripting vulnerability in the WordPress plugin WP Go Maps (formerly WP Google Maps) . The weakness is due to insufficient input sanitization and output escaping on user-supplied attributes used by the plugin shortcode wpgmza, affecting versions up to a...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/05/24 12:0 a.m.4 views

WordPress plugin WP Go Maps 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.4CVSS5.9AI score0.00325EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/24 12:0 a.m.9 views

PT-2024-26550 · WordPress · Wp Go Maps

Name of the Vulnerable Software and Affected Versions: WP Go Maps plugin for WordPress versions up to, and including, 9.0.36 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's wpgmza shortcode. This allows authenticat...

6.4CVSS6.9AI score0.00325EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/04/11 1:20 p.m.8 views

WordPress WP Go Maps (formerly WP Google Maps) plugin <= 9.0.34 - Information Exposure to Potential Denial of Service vulnerability

Information Exposure to Potential Denial of Service vulnerability discovered by WordFence in WordPress Plugin WP Go Maps versions = 9.0.34...

6.5CVSS6.9AI score0.00795EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/09 6:58 p.m.16 views

CVE-2023-6777 WP Go Maps (formerly WP Google Maps) <= 9.0.34 - Information Exposure to Potential Denial of Service

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 9.0.34 due to the plugin adding the API key to several plugin files. This makes it possible for unauthenticated attackers to obtain the developer's...

5.3CVSS7.2AI score0.00795EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.5 views

PT-2024-15080 · WordPress · Wp Go Maps

Name of the Vulnerable Software and Affected Versions: WP Go Maps plugin for WordPress versions up to, and including, 9.0.34 Description: The issue allows unauthenticated attackers to obtain the developer's Google API key due to the plugin adding the API key to several plugin files. This does not...

6.5CVSS9.5AI score0.00795EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.6 views

WordPress Plugin WP Go Maps 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS8.8AI score0.00795EPSS
Exploits0References3
OSV
OSV
added 2024/03/27 10:15 a.m.6 views

CVE-2024-29931

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Go Maps formerly WP Google Maps WP Google Maps allows Reflected XSS.This issue affects WP Google Maps: from n/a through 9.0.29...

6.1CVSS5.8AI score0.00753EPSS
Exploits0References1
NVD
NVD
added 2024/03/27 10:15 a.m.22 views

CVE-2024-29931

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP Go Maps: from n/a through = 9.0.29...

7.1CVSS6.9AI score0.00753EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/27 10:10 a.m.31 views

CVE-2024-29931 WordPress WP Go Maps plugin <= 9.0.29 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP Go Maps: from n/a through = 9.0.29...

7.1CVSS7.1AI score0.00753EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/27 10:10 a.m.17 views

CVE-2024-29931 WordPress WP Go Maps plugin <= 9.0.29 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP Go Maps: from n/a through = 9.0.29...

7.1CVSS7.2AI score0.00753EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.5 views

WordPress Plugin WP Go Maps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.1CVSS7AI score0.00753EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/03/25 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-29931

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP Go Maps: from n/a through = 9.0.29...

6.1CVSS7.3AI score0.00753EPSS
Exploits0References1
OSV
OSV
added 2024/03/13 2:15 a.m.6 views

CVE-2024-1582

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpgmza' shortcode in all versions up to, and including, 9.0.32 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

5.4CVSS5.9AI score0.0032EPSS
Exploits0References2
NVD
NVD
added 2024/03/13 2:15 a.m.25 views

CVE-2023-4839

The WP Go Maps for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.0.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to...

4.8CVSS4.3AI score0.00342EPSS
Exploits0References2
Rows per page
Query Builder