Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/05/19 1:47 a.m.6 views

WordPress MapFig Studio plugin <= 0.2.1 - Stored XSS via CSRF vulnerability

Stored XSS via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin MapFig Studio versions = 0.2.1...

6.1CVSS6AI score0.00152EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/17 9:2 p.m.14 views

CVE-2024-6712

The MapFig Studio WordPress plugin through 0.2.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1CVSS5.9AI score0.00152EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:15 p.m.6 views

CVE-2024-6712

The MapFig Studio WordPress plugin through 0.2.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1CVSS0.00152EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.29 views

CVE-2024-6712

The CVE-2024-6712 entry concerns the WordPress MapFig Studio plugin (versions ≤ 0.2.1). The root cause is missing CSRF checks in several areas, coupled with insufficient sanitisation and escaping, which could allow a logged-in admin to add stored XSS payloads via a CSRF attack. The vulnerability ...

6.1CVSS5.9AI score0.00152EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.8 views

CVE-2024-6712 MapFig Studio <= 0.2.1 - Stored XSS via CSRF

The MapFig Studio WordPress plugin through 0.2.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1AI score0.00152EPSS
Exploits1References1
Rows per page
Query Builder