Lucene search
K

6 matches found

Patchstack
Patchstack
added 2025/05/19 3:9 a.m.15 views

WordPress MapPress Maps for WordPress plugin < 2.93 - Admin+ Stored XSS via Map Settings vulnerability

Admin+ Stored XSS via Map Settings vulnerability discovered by Kientt in WordPress Plugin MapPress Maps for WordPress versions 2.93...

4.8CVSS5.9AI score0.00266EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/17 9:0 p.m.9 views

CVE-2024-8620

The MapPress Maps for WordPress plugin before 2.93 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00266EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:15 p.m.23 views

CVE-2024-8620

The MapPress Maps for WordPress plugin before 2.93 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00266EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.37 views

CVE-2024-8620

CVE-2024-8620 affects the WordPress plugin MapPress Maps for WordPress, specifically versions prior to 2.93. The issue is that certain settings are not properly sanitized/escaped, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins), even when unfiltered_html is disallowed ...

4.8CVSS5.8AI score0.00266EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.34 views

CVE-2024-8620 MapPress Maps for WordPress < 2.93 - Admin+ Stored XSS via Map Settings

The MapPress Maps for WordPress plugin before 2.93 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00266EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.9 views

CVE-2024-8620 MapPress Maps for WordPress < 2.93 - Admin+ Stored XSS via Map Settings

The MapPress Maps for WordPress plugin before 2.93 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8AI score0.00266EPSS
Exploits1References1
Rows per page
Query Builder