Lucene search
K

4 matches found

NVD
NVD
added 2024/07/09 9:15 a.m.28 views

CVE-2024-3604

The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the 'taggedfilter' attribute of the 'osmmapv3' shortcode in all versions up to, and including, 6.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

9.9CVSS0.00528EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/09 8:33 a.m.13 views

CVE-2024-3604 OSM – OpenStreetMap <= 6.0.3 - Authenticated (Contributor+) SQL Injection

The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the 'taggedfilter' attribute of the 'osmmapv3' shortcode in all versions up to, and including, 6.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

9.9CVSS5.9AI score0.00528EPSS
Exploits0References3
CVE
CVE
added 2024/07/09 8:33 a.m.67 views

CVE-2024-3604

CVE-2024-3604 affects the OSM – OpenStreetMap WordPress plugin. The Red Hat advisory confirms an authenticated SQL Injection via the 'tagged_filter' parameter of the 'osm_map_v3' shortcode, affecting all versions up to 6.0.2. The vulnerability arises from insufficient escaping of user input and l...

9.9CVSS5.9AI score0.00528EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/09 12:0 a.m.11 views

WordPress OSM – OpenStreetMap Plugin <= 6.0.3 is vulnerable to SQL Injection

Software OSM – OpenStreetMap Type Plugin Vulnerable versions = 6.0.3 Fixed in 6.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3604 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID c1b5cb216f5c Credits Krzysztof Zając Required privilege Contributor...

9.9CVSS7.2AI score0.00528EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder