6 matches found
WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting
WordPress Supsystic Ultimate Maps plugin before 1.2.5 contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of the tab parameter on the options page before outputting it in an attribute. id: CVE-2021-24274 info: name: WordPress Supsystic Ultimate Ma...
CVE-2021-24274
The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue...
WordPress Ultimate Maps 1.2.4 Cross Site Scripting
Exploit Title: WordPress Plugin Ultimate Maps 1.2.4 - Reflected Cross-Site Scripting XSS Date: 3/28/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/ultimate-maps-by-supsystic/ Version: 1.2.4 Tested on: Windows 10 CVE: CVE-2021-24274 1. Description: The plugin did not sanitize the t...
CVE-2021-24274
The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue...
CVE-2021-24274 Ultimate Maps by Supsystic < 1.2.5 - Reflected Cross-Site scripting (XSS)
The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue...
CVE-2021-24274
The CVE-2021-24274 entry refers to the WordPress plugin Ultimate Maps by Supsystic (versions before 1.2.5). The vulnerability is a reflected Cross-Site Scripting (XSS) due to improper sanitization of the tab parameter on the plugin’s options page before output in an attribute. Affected component:...