Lucene search
K

39 matches found

CVE
CVE
added 2024/11/16 9:36 a.m.51 views

CVE-2024-10592

The CVE-2024-10592 entry concerns Mapster WP Maps for WordPress. It describes a Stored Cross-Site Scripting flaw in the popup class parameter affecting all versions up to 1.6.0, caused by insufficient input sanitization and output escaping. The impact is that authenticated users with Contributor-...

6.4CVSS5.7AI score0.00771EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/16 12:0 a.m.3 views

WordPress plugin Mapster WP Maps 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS7.8AI score0.00771EPSS
Exploits0References2
OSV
OSV
added 2024/10/25 7:15 a.m.4 views

CVE-2024-9235

The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...

8.8CVSS5.8AI score0.00482EPSS
Exploits0References5
NVD
NVD
added 2024/10/25 7:15 a.m.25 views

CVE-2024-9235

The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...

8.8CVSS0.00482EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/10/25 6:51 a.m.27 views

CVE-2024-9235 Mapster WP Maps <= 1.5.0 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Options Update

The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...

8.8CVSS0.00482EPSS
Exploits0References5
CVE
CVE
added 2024/10/25 6:51 a.m.84 views

CVE-2024-9235

CVE-2024-9235 relates to Mapster WP Maps (WordPress) plugin, affected versions up to and including 1.5.0. The issue is caused by an insufficient capability check in the mapster_wp_maps_set_option_from_js() function, enabling authenticated attackers with contributor-level access and above to updat...

8.8CVSS8.8AI score0.00482EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.3 views

WordPress plugin Mapster WP Maps 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An authorization...

8.8CVSS6.5AI score0.00482EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/10/25 12:0 a.m.5 views

PT-2024-39510 · WordPress · Mapster Wp Maps

Name of the Vulnerable Software and Affected Versions: Mapster WP Maps plugin for WordPress versions up to, and including, 1.5.0 Description: The issue allows unauthorized modification of data, potentially leading to privilege escalation, due to an insufficient capability check on the mapster wp...

8.8CVSS7.2AI score0.00482EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/10/24 9:57 p.m.3 views

WordPress Mapster WP Maps plugin <= 1.5.0 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Options Update vulnerability

Incorrect Authorization to Authenticated Contributor+ Arbitrary Options Update vulnerability discovered by Sean Murphy in WordPress Plugin Mapster WP Maps versions = 1.5.0...

8.8CVSS7AI score0.00482EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.12 views

WordPress Mapster WP Maps Plugin <= 1.5.0 is vulnerable to Settings Change

Software Mapster WP Maps Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.6.0 OWASP Top 10 A3: Injection Classification Settings Change CVE CVE-2024-9235 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID b9bebd7cfde8 Credits Sean Murphy Required privilege Contributor...

8.8CVSS6.8AI score0.00482EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/01/08 5:15 p.m.26 views

CVE-2024-21744

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...

6.5CVSS6.4AI score0.00328EPSS
Exploits0References1
OSV
OSV
added 2024/01/08 5:15 p.m.5 views

CVE-2024-21744

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...

5.4CVSS7.3AI score0.00328EPSS
Exploits0References1
Prion
Prion
added 2024/01/08 5:15 p.m.18 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...

4.9CVSS6.9AI score0.00328EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/08 4:58 p.m.31 views

CVE-2024-21744 WordPress Mapster WP Maps Plugin <= 1.2.38 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...

6.5CVSS6.6AI score0.00328EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/08 4:58 p.m.12 views

CVE-2024-21744 WordPress Mapster WP Maps Plugin <= 1.2.38 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2024/01/08 4:58 p.m.54 views

CVE-2024-21744

CVE-2024-21744 affects Mapster WP Maps on WordPress; vulnerable in versions

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/08 12:0 a.m.6 views

WordPress Plugin Mapster WP Maps Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6AI score0.00328EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/01/05 12:0 a.m.10 views

WordPress Mapster WP Maps Plugin <= 1.2.38 is vulnerable to Cross Site Scripting (XSS)

Software Mapster WP Maps Type Plugin Vulnerable versions = 1.2.38 Fixed in 1.2.39 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-21744 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 826c70212e48 Credits Khalid Yusuf Required privilege...

6.5CVSS6.5AI score0.00328EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.9 views

WordPress Mapster WP Maps Plugin < 1.2.36 is vulnerable to Cross Site Scripting (XSS)

Software Mapster WP Maps Type Plugin Vulnerable versions 1.2.36 Fixed in 1.2.36 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 42d3f06779ba Credits Rafie Muhammad Patchstack Requir...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder