84 matches found
CVE-2023-4887 Google Maps Plugin by Intergeo <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Google Maps Plugin by Intergeo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'intergeo' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress plugin Google Maps Plugin by Intergeo Cross-site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. uninstall is one of the plugins used to completely uninstall WordPress. WordPress...
WordPress Google Maps Plugin by Intergeo Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Google Maps Plugin by Intergeo Type Plugin Vulnerable versions = 2.3.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4887 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a4236d4e874a Credits Lana Codes...
PT-2023-30993 · Intergeo · Googlemaps Plugin
Name of the Vulnerable Software and Affected Versions: The Google Maps Plugin by Intergeo for WordPress versions up to, and including, 2.3.2 Description: The issue is related to Stored Cross-Site Scripting via the intergeo shortcode due to insufficient input sanitization and output escaping on...
CVE-2023-23827 WordPress Google Maps v3 Shortcode Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Google Maps v3 Shortcode plugin = 1.2.1 versions...
CVE-2023-22698
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Jason Bobich Theme Blvd Responsive Google Maps plugin = 1.0.2 versions...
CVE-2023-22698
CVE-2023-22698 affects WordPress Theme Blvd Responsive Google Maps Plugin (versions
PT-2023-19238 · WordPress · Google Maps V3 Shortcode
Name of the Vulnerable Software and Affected Versions: Google Maps v3 Shortcode plugin versions prior to 1.2.2 Description: The issue is related to a Cross-Site Scripting XSS vulnerability that affects users with contributor or higher permissions. This type of vulnerability allows attackers to...
WordPress plugin Maps Widget for Google Maps 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress plugin Google Maps – WP MAPS 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2023-23864
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Michael Aronoff Very Simple Google Maps plugin = 2.8.4 versions...
Cross site scripting
Auth. contributor+ Cross-Site Scripting XSS vulnerability in Michael Aronoff Very Simple Google Maps plugin = 2.8.4 versions...
CVE-2023-23864
CVE-2023-23864 affects the WordPress plugin Very Simple Google Maps (Michael Aronoff) and is due to an XSS flaw in the plugin’s handling of shortcode attributes. Concretely, versions up to and including 2.8.4 are vulnerable; exploitation requires authenticated access from contributors or higher. ...
CVE-2022-29453
Cross-Site Request Forgery CSRF vulnerability in API KEY for Google Maps plugin = 1.2.1 at WordPress leading to Google Maps API key update...
CVE-2022-29453
The CVE-2022-29453 entry concerns the WordPress plugin API KEY for Google Maps (versions
CVE-2022-29453 WordPress API KEY for Google Maps plugin <= 1.2.1 - CSRF vulnerability leading to Google Maps API key update
Cross-Site Request Forgery CSRF vulnerability in API KEY for Google Maps plugin = 1.2.1 at WordPress leading to Google Maps API key update...
CVE-2022-29453
Cross-Site Request Forgery CSRF vulnerability in API KEY for Google Maps plugin = 1.2.1 at WordPress leading to Google Maps API key update...
WordPress plugin Maps 跨站请求伪造漏洞
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. A cross-site request forgery vulnerability exists in versions of the WordPress Google Maps plugin prior to 1.8.4. The vulnerability stems from the plugin's failure to perform CSRF checks in most ...
WordPress 跨站请求伪造漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress plugin Google Maps, which stems from the WordPress...
CVE-2021-36870
Multiple Authenticated Persistent Cross-Site Scripting XSS vulnerabilities in WordPress WP Google Maps plugin versions = 8.1.12. Vulnerable parameters: &datasetname, &wpgmzagdprretentionpurpose, &wpgmzagdprcompanyname, &name 2, &name, &polyname 2, &polyname, &address...