10 matches found
CVE-2020-12077
The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces or capability checks, leading to remote code execution...
CVE-2020-12675
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for...
WordPress mappress-google-maps-for-wordpress code issue vulnerability (CNVD-2020-35726)
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. mappress-google-maps-for-wordpress is an interactive maps plugin used in it. A code issue vulnerability exists in WordPress...
CVE-2020-12675
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for...
CVE-2020-12675
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for...
CVE-2020-12675
The CVE-2020-12675 entry concerns the WordPress plugin mappress-google-maps-for-wordpress, version prior to 2.54.6. Affected component: the plugin’s AJAX-related code (creation/retrieval/deletion of PHP template files) with insufficient capability checks, enabling Remote Code Execution. Root caus...
CVE-2020-12675
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for...
CVE-2020-12077
The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces or capability checks, leading to remote code execution...
WordPress mappress-google-maps-for-wordpress code issue vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. mappress-google-maps-for-wordpress is an interactive maps plugin used in it. A code issue vulnerability exists in WordPress...
PT-2020-13029 · WordPress · Mappress-Google-Maps-For-Wordpress
Name of the Vulnerable Software and Affected Versions: mappress-google-maps-for-wordpress plugin versions prior to 2.53.9 Description: The issue arises from the incorrect implementation of AJAX functions with nonces or capability checks in the mappress-google-maps-for-wordpress plugin, leading to...