Lucene search
+L

5 matches found

NVD
NVD
•added 2025/02/15 6:15 a.m.•18 views

CVE-2024-13208

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.3CVSS0.00295EPSS
Exploits1References1
Circl
Circl
•added 2025/02/15 6:5 a.m.•14 views

CVE-2024-13208

creationtimestamp| type| source ---|---|--- 2025-02-15 06:05:43+00:00| seen| https://infosec.exchange/users/cve/statuses/114006395679188174 2025-02-15 06:15:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li72wrpebe2o 2025-02-15 07:11:13+00:00| seen|...

4.3CVSS8.7AI score0.00295EPSS
Exploits1References5
CVE
CVE
•added 2025/02/15 6:0 a.m.•55 views

CVE-2024-13208

The CVE-2024-13208 entry refers to the Maps Plugin using Google Maps for WordPress that, prior to version 1.9.4, does not sanitize and escape certain settings. This could allow stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is not allowed (such as in multisite). The v...

4.3CVSS5.8AI score0.00295EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
•added 2025/02/15 6:0 a.m.•11 views

CVE-2024-13208 WP Google Map < 1.9.4 - Admin+ Stored XSS

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.3AI score0.00295EPSS
Exploits1References1
Cvelist
Cvelist
•added 2025/02/15 6:0 a.m.•23 views

CVE-2024-13208 WP Google Map < 1.9.4 - Admin+ Stored XSS

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

0.00295EPSS
Exploits1References1
Rows per page
Query Builder