5 matches found
CVE-2023-6627
The WP Go Maps formerly WP Google Maps WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site...
CVE-2023-6627 WP Go Maps < 9.0.28 - Unauthenticated Stored XSS
The WP Go Maps formerly WP Google Maps WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site...
CVE-2023-6627 WP Go Maps < 9.0.28 - Unauthenticated Stored XSS
The WP Go Maps formerly WP Google Maps WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site...
CVE-2023-6627
The CVE-2023-6627 entry concerns the WP Go Maps (formerly WP Google Maps) WordPress plugin and a vulnerability in versions prior to 9.0.28. The issue is that most REST API routes are not properly protected, allowing unauthenticated attackers to store malicious HTML/JavaScript on a site via the af...
WordPress WP Go Maps Plugin < 9.0.28 is vulnerable to Cross Site Scripting (XSS)
Software WP Go Maps Type Plugin Vulnerable versions 9.0.28 Fixed in 9.0.28 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6627 Patch priority Medium CVSS severity Medium 7.1 Developer WP Go Maps PSID 5fe45794e92f Credits Marc Montpas Required...