Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/02/17 6:16 a.m.12 views

CVE-2024-13306

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.3CVSS5.7AI score0.00312EPSS
Exploits1References1
nvd
nvd
added 2025/02/15 6:15 a.m.16 views

CVE-2024-13306

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.3CVSS0.00312EPSS
Exploits1References1
circl
circl
added 2025/02/15 6:5 a.m.13 views

CVE-2024-13306

creationtimestamp| type| source ---|---|--- 2025-02-15 06:05:44+00:00| seen| https://infosec.exchange/users/cve/statuses/114006395694000942 2025-02-15 06:16:01+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li72wtuyhf2t 2025-02-15 07:11:12+00:00| seen|...

4.3CVSS8.7AI score0.00312EPSS
Exploits1References6
vulnrichment
vulnrichment
added 2025/02/15 6:0 a.m.8 views

CVE-2024-13306 WP Google Map < 1.9.4 - Admin+ Stored XSS

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.3AI score0.00312EPSS
Exploits1References1
cve
cve
added 2025/02/15 6:0 a.m.54 views

CVE-2024-13306

CVE-2024-13306 affects the Maps Plugin using Google Maps for WordPress (WP Google Map) prior to version 1.9.4. The vulnerability arises from insufficient sanitisation/escaping of certain plugin settings, enabling stored XSS by high-privilege users (e.g., admins), including scenarios where unfilte...

4.3CVSS5.8AI score0.00312EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2025/02/15 6:0 a.m.14 views

CVE-2024-13306 WP Google Map < 1.9.4 - Admin+ Stored XSS

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

0.00312EPSS
Exploits1References1
Rows per page
Query Builder