Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:23 a.m.10 views

CVE-2022-4677

The Leaflet Maps Marker WordPress plugin before 3.12.7 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS6AI score0.00562EPSS
Exploits2References1
NVD
NVD
added 2023/02/06 8:15 p.m.27 views

CVE-2022-4677

The Leaflet Maps Marker WordPress plugin before 3.12.7 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS5.3AI score0.00562EPSS
Exploits2References1
CVE
CVE
added 2023/02/06 7:59 p.m.69 views

CVE-2022-4677

The CVE-2022-4677 entry corresponds to the Leaflet Maps Marker WordPress plugin (Google Maps/OpenStreetMap/Bing Maps) prior to version 3.12.7. The vulnerability arises from improper validation and escaping of a shortcode attribute, enabling Stored Cross-Site Scripting (Stored XSS) by users with a...

5.4CVSS5.3AI score0.00562EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/02/06 7:59 p.m.28 views

CVE-2022-4677 Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) < 3.12.7 - Contributor+ Stored XSS via Shortcode

The Leaflet Maps Marker WordPress plugin before 3.12.7 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.5AI score0.00562EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/01/12 12:0 a.m.15 views

WordPress Leaflet Maps Marker Plugin < 3.12.7 is vulnerable to Cross Site Scripting (XSS)

Software Leaflet Maps Marker Type Plugin Vulnerable versions 3.12.7 Fixed in 3.12.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4677 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 99a82b35c26d Credits Lana Codes...

5.4CVSS5.6AI score0.00562EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder