49 matches found
EUVD-2024-32245
Malicious code in bioql PyPI...
EUVD-2024-37620
Malicious code in bioql PyPI...
EUVD-2022-52001
Malicious code in bioql PyPI...
EUVD-2022-24466
Malicious code in bioql PyPI...
CVE-2024-3670
The Leaflet Maps Marker Google Maps, OpenStreetMap, Bing Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mapsmarker' shortcode in all versions up to, and including, 3.12.8 due to insufficient input sanitization and output escaping on user supplied attribut...
CVE-2022-4677
The Leaflet Maps Marker WordPress plugin before 3.12.7 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-1123
The Leaflet Maps Marker Google Maps, OpenStreetMap, Bing Maps WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection attacks...
CVE-2024-38782
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in MapsMarker.Com e.U. Leaflet Maps Marker allows Stored XSS.This issue affects Leaflet Maps Marker: from n/a through 3.12.9...
CVE-2024-38782
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in MapsMarker.Com e.U. Leaflet Maps Marker allows Stored XSS.This issue affects Leaflet Maps Marker: from n/a through 3.12.9...
CVE-2024-38782 WordPress Leaflet Maps Marker plugin <= 3.12.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in MapsMarker.Com e.U. Leaflet Maps Marker allows Stored XSS.This issue affects Leaflet Maps Marker: from n/a through 3.12.9...
CVE-2024-38782 WordPress Leaflet Maps Marker plugin <= 3.12.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in MapsMarker.Com e.U. Leaflet Maps Marker allows Stored XSS.This issue affects Leaflet Maps Marker: from n/a through 3.12.9...
CVE-2024-38782
Leaflet Maps Marker (WordPress plugin) versions
WordPress Leaflet Maps Marker plugin <= 3.12.9 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Leaflet Maps Marker versions = 3.12.9...
WordPress Leaflet Maps Marker Plugin <= 3.12.9 is vulnerable to Cross Site Scripting (XSS)
Software Leaflet Maps Marker Type Plugin Vulnerable versions = 3.12.9 Fixed in 3.12.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38782 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9802cb5e3912 Credits LVT-tholv2k Required privilege...
WordPress Leaflet Maps Marker plugin <= 3.12.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Leaflet Maps Marker versions = 3.12.8...
WordPress Leaflet Maps Marker Plugin <= 3.12.8 is vulnerable to Cross Site Scripting (XSS)
Software Leaflet Maps Marker Type Plugin Vulnerable versions = 3.12.8 Fixed in 3.12.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3670 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b2bea7978f3c Credits Krzysztof Zając...
CVE-2024-3670
CVE-2024-3670 : Leaflet Maps Marker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the mapsmarker shortcode in all versions up to and including 3.12.8. Root cause: insufficient input sanitization and output escaping for user-provided shortcode attributes (e.g., mapwidthunit...
PT-2024-27133 · WordPress · Leaflet Maps Marker
Name of the Vulnerable Software and Affected Versions: Leaflet Maps Marker plugin for WordPress versions up to, and including, 3.12.8 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes, such as...
WordPress plugin Leaflet Maps Marker 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) < 3.12.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Leaflet Maps Marker Google Maps, OpenStreetMap, Bing Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mapsmarker' shortcode in all versions up to, and including, 3.12.8 due to insufficient input sanitization and output escaping on user...