WordPress Plugin Naver Map 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress WP Google Map Plugin Plugin <= 4.3.9 is vulnerable to Cross Site Scripting (XSS)

Software WP Google Map Plugin Type Plugin Vulnerable versions = 4.3.9 Fixed in 4.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23878 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a087af02892c Credits Rafshanzani Suhada...

Interactive Polish Map < 1.2.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress Naver Map Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Naver Map Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0146 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 9b11490559da Credits István Márton Required...

CVE-2022-2425

The WP DS Blog Map WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress WP DS Blog Map plugin <= 3.1.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Vinay Varma Mudunuri, Krishna Harsha Kondaveeti in WordPress WP DS Blog Map plugin versions = 3.1.3. Solution Deactivate and delete. This plugin has been closed as of July 15, 2022 and is not available for download. This...

WordPress WP Google Map plugin cross-site request forgery vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is a WordPress open source application plugin. WordPress WP Google Map plugin version 4.2...

CVE-2022-25600

Cross-Site Request Forgery CSRF vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin versions = 4.2.3...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin versions = 4.2.3...

WordPress plugin WP Google Map plugin 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress plugin is a WordPress open source application plugin. WordPress WP Google Map plugin version 4.2...

WordPress Open User Map | Everybody can add locations plugin < 1.2.11 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Open User Map | Everybody can add locations plugin versions 1.2.11. Solution Update the WordPress Open User Map | Everybody can add locations plugin to the latest available version at least 1.2.11...

WordPress Map Plugin alternative to Google Maps using MapQuest, with directions plugin <= 2.15.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Map Plugin alternative to Google Maps using MapQuest, with directions plugin versions = 2.15.7. Solution Update the WordPress Map Plugin alternative to Google Maps using MapQuest, with directions plugin to the latest available...

WordPress Map Plugin alternative to Google Maps using MapQuest, with directions plugin <= 2.15.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Map Plugin alternative to Google Maps using MapQuest, with directions plugin versions = 2.15.7. Solution Update the WordPress Map Plugin alternative to Google Maps using MapQuest, with directions plugi...

CVE-2021-45729

The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin versions = 1.8.0 allows authenticated low-role users to create, edit, and delete maps...

WordPress plugin 安全漏洞

WordPress plugin is a WordPress open source application plugin. WP Google Map plugin for WordPress version 1.8.0 and earlier has an elevation of privilege vulnerability that stems from an incorrect programmatic call to a high-level native procedure. An attacker could exploit the vulnerability to...

CVE-2021-24467

The Leaflet Map WordPress plugin before 3.0.0 does not verify the CSRF nonce when saving its settings, which allows attackers to make a logged in admin update the settings via a Cross-Site Request Forgery attack. This could lead to Cross-Site Scripting issues by either changing the URL of the...

CVE-2021-24468

The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

WordPress WP Google Map plugin <= 1.7.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Pratik Khalane in WordPress WP Google Map plugin versions = 1.7.6. Solution Update the WordPress WP Google Map plugin to the latest available version at least 1.7.7...

WordPress Leaflet Map plugin <= 2.23.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress Leaflet Map plugin versions = 2.23.3. Solution Update the WordPress Leaflet Map plugin to the latest available version at least 3.0.0...