3 matches found
CVE-2015-1383
Cross-site scripting XSS vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key...
CVE-2015-1383
Cross-site scripting XSS vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key...
CVE-2015-1383
CVE-2015-1383 concerns the WordPress Geo Mashup plugin (versions prior to 1.8.3). The vulnerability is a Cross‑Site Scripting (XSS) flaw in the plugin’s geo search widget, where the input from the user’s search key is not properly sanitized, allowing an attacker to inject arbitrary scripts into t...