34 matches found
CVE-2025-23665 WordPress RSV GMaps plugin <= 1.5 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Ravi Kumar Vanukuru RSV GMaps rsv-google-maps allows Stored XSS.This issue affects RSV GMaps: from n/a through = 1.5...
CVE-2025-23665 WordPress RSV GMaps plugin <= 1.5 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Rapid Sort RSV GMaps allows Stored XSS.This issue affects RSV GMaps: from n/a through 1.5...
WordPress GMAPS for WPBakery Page Builder Free Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin GMAPS for WPBakery Page Builder Free versions = 1.2...
WordPress plugin RSV GMaps 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
PT-2025-5081 · Wpbakery · Gmaps For Wpbakery Page Builder
Name of the Vulnerable Software and Affected Versions: GMAPS for WPBakery Page Builder Free versions n/a through 1.2 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This means that an attacker can...
PT-2024-39689 · WordPress · Phlox
Name of the Vulnerable Software and Affected Versions: Phlox theme plugin for WordPress versions up to, and including, 2.16.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's aux contact box and aux gmaps shortcodes due to insufficient input sanitization and outpu...
CVE-2024-3341
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'auxgmaps' shortcode in all versions up to, and including, 2.15.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...
qlock.com XSS vulnerability
Open Bug Bounty ID: OBB-163367 Description| Value ---|--- Affected Website:| qlock.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
dealfever.ro XSS vulnerability
Vulnerable URL: http://www.dealfever.ro/plugins/gmaps.php?address=str%20Guliei%20184,%20bl%208,%20Crevedia,%20DB=National=Romania〈=25.9132075'%22%26%25prompt'XSSPOSED'...
Sql injection
SQL injection vulnerability in index.php in the Firestorm Technologies GMaps comgmaps 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action...
CVE-2007-4128
SQL injection vulnerability in index.php in the Firestorm Technologies GMaps comgmaps 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action...
CVE-2007-4128
The CVE-2007-4128 entry concerns the Firestorm Technologies GMaps (com_gmaps) 1.00 Joomla! component. Multiple sources confirm a SQL injection vulnerability in index.php where the mapId parameter used in the viewmap action allows remote attackers to manipulate database queries. The underlying iss...
CVE-2007-4128
SQL injection vulnerability in index.php in the Firestorm Technologies GMaps comgmaps 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action...
GMaps Component for Joomla! 'mapId' Parameter SQLi
The version of the GMaps component for Joomla! running on the remote host is affected by a SQL injection vulnerability in the classes/gmapdao.class.php script due to improper sanitization of user-supplied input to the 'mapId' parameter before using it to construct database queries in the getMap...