6 matches found
EUVD-2014-4514
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the WP GuestMap plugin 1.8 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 zl, 2 mt, or 3 dc parameter to guest-locator.php; the 4 zl, 5 mt, 6 activate, or 7 dc parameter to online-tracker.php;...
CVE-2014-4587
WP GuestMap plugin for WordPress up to version 1.8 is affected by multiple XSS vulnerabilities. The issue arises from unsanitized user-supplied input in parameters to guest-locator.php, online-tracker.php, stats-map.php, and weather-map.php, enabling remote attackers to inject arbitrary script/HT...
CVE-2014-4587
Multiple cross-site scripting XSS vulnerabilities in the WP GuestMap plugin 1.8 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 zl, 2 mt, or 3 dc parameter to guest-locator.php; the 4 zl, 5 mt, 6 activate, or 7 dc parameter to online-tracker.php;...
WordPress GuestMap Plugin <= 1.8 - Multiple XSS
Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...
WP Guestmap <= 1.8 - Multiple XSS
Plugin is still affected and has been closed...