4 matches found
CVE-2023-1913
The Maps Widget for Google Maps for WordPress is vulnerable to Stored Cross-Site Scripting via widget settings in versions up to, and including, 4.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...
WordPress Maps Widget for Google Maps Plugin <= 4.24 is vulnerable to Cross Site Scripting (XSS)
Software Maps Widget for Google Maps Type Plugin Vulnerable versions = 4.24 Fixed in 4.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1913 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 086ac6e4c3d5 Credits Marco Wotschka...
CVE-2023-1913
creationtimestamp| type| source ---|---|--- 2023-04-06 18:27:11+00:00| seen| https://t.me/cibsecurity/61562 2024-01-04 13:56:27+00:00| seen| https://t.me/arpsyndicate/2467...
CVE-2023-1913 Maps Widget for Google Maps <= 4.24 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Maps Widget for Google Maps for WordPress is vulnerable to Stored Cross-Site Scripting via widget settings in versions up to, and including, 4.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...