2 matches found
CVE-2022-0208
The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the "Bad mapid" error message, leading to a Reflected Cross-Site Scripting...
CVE-2022-0208
The WordPress MapPress Maps plugin is affected: pre-2.73.4 versions do not sanitize/escape the mapid parameter in the Bad mapid error, enabling reflected XSS. Impact: injected scripts could run in users’ browsers when viewing affected pages. Affected component: MapPress Maps for WordPress (WordPr...