WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting

WordPress Hero Maps Premium plugin 2.2.1 and prior contains an unauthenticated reflected cross-site scripting vulnerability via the views/dashboard/index.php p parameter. id: CVE-2019-19134 info: name: WordPress Hero Maps Premium =2.2.2 or apply the vendor-provided patch to fix the XSS...

WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting

WordPress Hero Maps Pro 2.1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials...

EUVD-2016-1081

Malware in sbrugna...

CVE-2024-13781

The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-13781

The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-13781

The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-13781

CVE-2024-13781 concerns the WordPress plugin Hero Maps Premium (Customizable Google Maps Plugin) up to version 2.3.9. The vulnerability is a SQL Injection caused by insufficient escaping of user-supplied parameters and insufficient preparation in existing queries, exploitable by authenticated att...

CVE-2024-13781 Hero Maps Premium - Customizable Google Maps Plugin <= 2.3.9 - Authenticated (Subscriber+) SQL Injection

The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-13781 Hero Maps Premium - Customizable Google Maps Plugin <= 2.3.9 - Authenticated (Subscriber+) SQL Injection

The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

WordPress plugin Hero Maps Premium SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress Hero Maps Premium - Customizable Google Maps Plugin plugin <= 2.3.9 - Authenticated (Subscriber+) SQL Injection vulnerability

WordPress Hero Maps Premium - Customizable Google Maps Plugin plugin = 2.3.9 - Authenticated Subscriber+ SQL Injection vulnerability discovered by Lucio Sá in WordPress Plugin Hero Maps Premium versions = 2.3.9...

WordPress Hero Maps Premium Plugin Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Hero Maps Premium 2.2.1 and earlier versions. The...

CVE-2019-19134

The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to inject HTML or arbitrary JavaScript within the browser of ...

CVE-2019-19134

The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to inject HTML or arbitrary JavaScript within the browser of ...

CVE-2019-19134

The CVE-2019-19134 entry concerns WordPress Hero Maps Premium plugin (versions ≤ 2.2.1) with an unauthenticated XSS via views/dashboard/index.php p parameter. The issue arises from insufficient input sanitization, enabling injection of HTML/JavaScript in a user’s browser and potentially cookie th...

CVE-2019-19134

The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to inject HTML or arbitrary JavaScript within the browser of ...

WordPress Hero Maps Premium plugin <= 2.2.1 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Unauthenticated Cross-Site Scripting XSS vulnerability discovered by Hooper Labs in WordPress Hero Maps Premium plugin versions = 2.2.1. Solution Update the WordPress Hero Maps Premium plugin to the latest available version at least 2.2.3...

Hero Maps Premium < 2.2.3 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The hmapsprem WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability...

Wordpress hero-maps-pro plugin cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress hero-maps-pro plugin version 2.1.0. An attacker...

CVE-2016-1000137

Reflected XSS in wordpress plugin hero-maps-pro v2.1.0...