Lucene search
K

7 matches found

NVD
NVD
added 2022/08/08 2:15 p.m.21 views

CVE-2022-2424

The Google Maps Anywhere WordPress plugin through 1.2.6.3 does not sanitise and escape any of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS0.00493EPSS
Exploits2References1
OSV
OSV
added 2022/08/08 2:15 p.m.4 views

CVE-2022-2424

The Google Maps Anywhere WordPress plugin through 1.2.6.3 does not sanitise and escape any of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00493EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/08/08 2:15 p.m.2 views

CVE-2022-2424

The Google Maps Anywhere WordPress plugin through 1.2.6.3 does not sanitise and escape any of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.9AI score0.00493EPSS
Exploits2References2
Prion
Prion
added 2022/08/08 2:15 p.m.16 views

Cross site scripting

The Google Maps Anywhere WordPress plugin through 1.2.6.3 does not sanitise and escape any of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

4.3CVSS4.8AI score0.00493EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/08/08 12:0 a.m.3 views

WordPress plugin Google Maps Anywhere 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

4.8CVSS5AI score0.00493EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2022/07/18 12:0 a.m.15 views

Google Maps Anywhere <= 1.2.6.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape any of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in any of the plugin...

4.8CVSS1.7AI score0.00493EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/07/18 12:0 a.m.177 views

Google Maps Anywhere <= 1.2.6.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape any of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in any of the plugin settings:...

4.8CVSS1.1AI score0.00493EPSS
Exploits2
Rows per page
Query Builder