3 matches found
CVE-2023-4840
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'mappress' shortcode in versions up to, and including, 2.88.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2023-4840
MapPress Maps for WordPress (a WordPress plugin) has a stored XSS in the mappress shortcode for versions up to 2.88.4 caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires an authenticated attacker with contributor-level permissions or hi...
WordPress MapPress Maps for WordPress Plugin <= 2.88.4 is vulnerable to Cross Site Scripting (XSS)
Software MapPress Maps for WordPress Type Plugin Vulnerable versions = 2.88.4 Fixed in 2.88.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4840 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4fb9c1035c4b Credits Lana Codes...