3 matches found
WordPress Very Simple Google Maps Plugin <= 2.9 is vulnerable to Cross Site Scripting (XSS)
Software Very Simple Google Maps Type Plugin Vulnerable versions = 2.9 Fixed in 2.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5744 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 645d33a00b1e Credits Lana Codes Require...
CVE-2023-5744
The Very Simple Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vsgmap' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-5744
CVE-2023-5744 affects the WordPress plugin Very Simple Google Maps . It is a Stored Cross-Site Scripting (XSS) vulnerability in the plugin’s vsgmap shortcode, present in all versions up to 2.9. An attacker with contributor-level or higher permissions can inject malicious scripts that run when use...