CVE-2023-0146

The Naver Map WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-52189

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jhayghost Ideal Interactive Map allows Stored XSS.This issue affects Ideal Interactive Map: from n/a through 1.2.4...

CVE-2023-47223

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WP Map Plugins Basic Interactive World Map plugin = 2.0 versions...

CVE-2023-47240

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap plugin = 1.1.11 versions...

CVE-2023-23821

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcin Pietrzak Interactive Polish Map plugin = 1.2 versions...

CVE-2023-45645

Cross-Site Request Forgery CSRF vulnerability in InfoD74 WP Open Street Map plugin = 1.25 versions...

CVE-2023-45052

Cross-Site Request Forgery CSRF vulnerability in dan009 WP Bing Map Pro plugin 5.0 versions...

CVE-2023-45056

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in 100plugins Open User Map plugin = 1.3.26 versions...

CVE-2023-35772

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Alain Gonzalez Google Map Shortcode plugin = 3.1.2 versions...

CVE-2023-44234

Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.This issue affects WP GPX Map: from n/a through 1.7.08...

CVE-2023-43514

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP...

CVE-2023-41651

Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag Map: from n/a through 17.0.26...

CVE-2023-37299

Joplin before 2.11.5 allows XSS via an AREA element of an image map...

CVE-2023-3411

The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing nonce validation on the ajaxstoresave function. This makes it possible for unauthenticated...

CVE-2023-2899

The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2023-5128

The TCD Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'map' shortcode in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

CVE-2023-5050

The Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level and above permissions to...

CVE-2023-23815

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Alan Jackson Multi-column Tag Map plugin = 17.0.24 versions...

CVE-2023-45272

Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73...

Malicious code in gatsby-plugin-source-map (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf49f8eebef7efd6ec079a3a0196b2b1eaeaf516da7db094412f8d5080f61f0f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...