CVE-2020-36853

The 10WebMapBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Plugin Settings Change in versions up to, and including, 1.0.63 due to insufficient input sanitization and output escaping and a lack of capability checks. This makes it possible for unauthenticated attacker...

CVE-2020-36853

The CVE-2020-36853 entry concerns the WordPress plugin 10WebMapBuilder, with a Stored Cross-Site Scripting (XSS) vulnerability affecting versions up to and including 1.0.63. The issue stems from insufficient input sanitization and output escaping and a lack of capability checks in the Plugin Sett...

CVE-2020-36853 10WebMapBuilder <= 1.0.63 - Unauthenticated Stored Cross-Site Scripting via Plugin Settings Change

The 10WebMapBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Plugin Settings Change in versions up to, and including, 1.0.63 due to insufficient input sanitization and output escaping and a lack of capability checks. This makes it possible for unauthenticated attacker...

WordPress plugin Oxygen MyData for WooCommerce 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...