Lucene search
K

5 matches found

OSV
OSV
added 2023/06/27 4:15 a.m.6 views

CVE-2023-3412

The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.0. This is due to a missing capability check on the ajaxstoresave function. This makes it possible for authenticated...

5.4CVSS7.3AI score0.00352EPSS
Exploits0References2
OSV
OSV
added 2023/06/27 4:15 a.m.5 views

CVE-2023-3411

The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing nonce validation on the ajaxstoresave function. This makes it possible for unauthenticated...

4.3CVSS7.2AI score0.00253EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/06/27 3:28 a.m.1 views

CVE-2023-3411 Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing nonce validation on the ajaxstoresave function. This makes it possible for unauthenticated...

6.1CVSS5.8AI score0.00253EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/06/27 3:28 a.m.23 views

CVE-2023-3411 Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing nonce validation on the ajaxstoresave function. This makes it possible for unauthenticated...

6.1CVSS6.1AI score0.00253EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/06/27 12:0 a.m.7 views

WordPress Plugin Image Map Pro–Drag-and-drop Builder for Interactive Images–Lite 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

6.1CVSS6.2AI score0.00253EPSS
Exploits1References3
Rows per page
Query Builder