3 matches found
CVE-2023-5050
Leaflet Map plugin for WordPress is affected by CVE-2023-5050. Affected software: Leaflet Map plugin for WordPress; vulnerable versions up to and including 3.3.0. Root cause: insufficient input sanitization and output escaping leading to Stored Cross-Site Scripting via shortcode attributes. Explo...
CVE-2023-5050
The Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level and above permissions to...
WordPress Extensions for Leaflet Map Plugin <= 3.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Extensions for Leaflet Map Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5050 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID acc5ac62f7be Credits Lana Codes...