PT-2025-24267 · WordPress · Wp Map Plugins Interactive Uk Regional Map

Name of the Vulnerable Software and Affected Versions: WP Map Plugins Interactive UK Regional Map versions n/a through 2.0 Description: A Cross-Site Request Forgery CSRF issue affects the Interactive UK Regional Map, allowing unauthorized actions to be performed on behalf of a user without their...

F5 BIG-IP iControl REST Code Execution

This is an improved version of horizon3ai's F5 BIG-IP iControl REST exploit that provides an interactive shell to run remote commands...

CVE-2024-6456

AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...

CVE-2024-3111

The Interactive Content WordPress plugin before 1.15.8 does not validate uploads which could allow a Contributors and above to update malicious SVG files, leading to Stored Cross-Site Scripting issues...

CVE-2024-4968

A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file Marker Name of the component Add Marker. The manipulation leads to cross site scripting. The attack may be launched...

CVE-2024-4275

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Interactive Circle widget in all versions up to, and including, 5.9.19 due to insufficient input sanitization and...

CVE-2024-32779

Missing Authorization vulnerability in Avirtum Vision Interactive.This issue affects Vision Interactive: from n/a through 1.7.1...

CVE-2024-3681

The Interactive World Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search s parameter in all versions up to, and including, 2.4.14 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-37215

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in creativeinteractivemedia Transition Slider – Responsive Image Slider and Gallery allows Stored XSS.This issue affects Transition Slider – Responsive Image Slider and Gallery: from n/a throug...

CVE-2024-8151

A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/delete-mark.php. The manipulation of the argument mark leads to cross site scripting. It is possible to initiate the attack...

CVE-2024-56967

An issue in Cloud Whale Interactive Technology LLC. PolyBuzz iOS 2.0.20 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2024-38712

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Qode Qi Blocks qi-blocks.This issue affects Qi Blocks: from n/a through = 1.3...

CVE-2024-50462

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in html5maps Interactive World Map interactive-world-map allows Stored XSS.This issue affects Interactive World Map: from n/a through = 3.4.4...

CVE-2023-28446

Deno is a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Arbitrary program names without any ANSI filtering allows any malicious program to clear the first 2 lines of a opspawnchild or opkill prompt and replace it with any desired text. This wor...

CVE-2023-22499

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the...

CVE-2023-52189

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jhayghost Ideal Interactive Map allows Stored XSS.This issue affects Ideal Interactive Map: from n/a through 1.2.4...

CVE-2023-47840

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

CVE-2023-47680

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...

CVE-2023-23793

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eightweb Interactive Read More Without Refresh plugin = 3.1 versions...

CVE-2023-23821

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marcin Pietrzak Interactive Polish Map plugin = 1.2 versions...