28 matches found
WordPress Mapster WP Maps plugin <= 1.9.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Mapster WP Maps versions = 1.9.0...
EUVD-2024-19358
Malicious code in bioql PyPI...
EUVD-2024-49810
Malicious code in bioql PyPI...
CVE-2025-9044
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple fields in versions up to, and including, 1.20.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level permissions and...
CVE-2025-9044
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple fields in versions up to, and including, 1.20.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level permissions and...
CVE-2025-9044 Mapster WP Maps <= 1.20.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple fields in versions up to, and including, 1.20.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level permissions and...
CVE-2025-9044
CVE-2025-9044 : Mapster WP Maps (WordPress plugin) is affected by a Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. Exploitation requires authentication (contributor level or higher) and can allow injection of web scripts on pages viewed by users. Affected ...
CVE-2025-9044 Mapster WP Maps <= 1.20.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple fields in versions up to, and including, 1.20.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level permissions and...
WordPress plugin Mapster WP Maps 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripti...
CVE-2024-21744
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...
CVE-2024-9235
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...
WordPress Mapster WP Maps plugin <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Akbar Kustirama in WordPress Plugin Mapster WP Maps versions = 1.6.0...
WordPress Mapster WP Maps Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS)
Software Mapster WP Maps Type Plugin Vulnerable versions = 1.6.0 Fixed in 1.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10592 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 20e96f022c15 Credits Akbar Kustirama Require...
CVE-2024-10592
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-10592 Mapster WP Maps <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-10592 Mapster WP Maps <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-10592
The CVE-2024-10592 entry concerns Mapster WP Maps for WordPress. It describes a Stored Cross-Site Scripting flaw in the popup class parameter affecting all versions up to 1.6.0, caused by insufficient input sanitization and output escaping. The impact is that authenticated users with Contributor-...
WordPress plugin Mapster WP Maps 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-9235
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2024-9235
CVE-2024-9235 relates to Mapster WP Maps (WordPress) plugin, affected versions up to and including 1.5.0. The issue is caused by an insufficient capability check in the mapster_wp_maps_set_option_from_js() function, enabling authenticated attackers with contributor-level access and above to updat...