39 matches found
CVE-2024-10592
The CVE-2024-10592 entry concerns Mapster WP Maps for WordPress. It describes a Stored Cross-Site Scripting flaw in the popup class parameter affecting all versions up to 1.6.0, caused by insufficient input sanitization and output escaping. The impact is that authenticated users with Contributor-...
WordPress plugin Mapster WP Maps 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-9235
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2024-9235
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2024-9235 Mapster WP Maps <= 1.5.0 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Options Update
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapsterwpmapssetoptionfromjs function in all versions up to, and including, 1.5.0. This makes it possible for...
CVE-2024-9235
CVE-2024-9235 relates to Mapster WP Maps (WordPress) plugin, affected versions up to and including 1.5.0. The issue is caused by an insufficient capability check in the mapster_wp_maps_set_option_from_js() function, enabling authenticated attackers with contributor-level access and above to updat...
WordPress plugin Mapster WP Maps 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An authorization...
PT-2024-39510 · WordPress · Mapster Wp Maps
Name of the Vulnerable Software and Affected Versions: Mapster WP Maps plugin for WordPress versions up to, and including, 1.5.0 Description: The issue allows unauthorized modification of data, potentially leading to privilege escalation, due to an insufficient capability check on the mapster wp...
WordPress Mapster WP Maps plugin <= 1.5.0 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Options Update vulnerability
Incorrect Authorization to Authenticated Contributor+ Arbitrary Options Update vulnerability discovered by Sean Murphy in WordPress Plugin Mapster WP Maps versions = 1.5.0...
WordPress Mapster WP Maps Plugin <= 1.5.0 is vulnerable to Settings Change
Software Mapster WP Maps Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.6.0 OWASP Top 10 A3: Injection Classification Settings Change CVE CVE-2024-9235 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID b9bebd7cfde8 Credits Sean Murphy Required privilege Contributor...
CVE-2024-21744
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...
CVE-2024-21744
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...
CVE-2024-21744 WordPress Mapster WP Maps Plugin <= 1.2.38 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...
CVE-2024-21744 WordPress Mapster WP Maps Plugin <= 1.2.38 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38...
CVE-2024-21744
CVE-2024-21744 affects Mapster WP Maps on WordPress; vulnerable in versions
WordPress Plugin Mapster WP Maps Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Mapster WP Maps Plugin <= 1.2.38 is vulnerable to Cross Site Scripting (XSS)
Software Mapster WP Maps Type Plugin Vulnerable versions = 1.2.38 Fixed in 1.2.39 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-21744 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 826c70212e48 Credits Khalid Yusuf Required privilege...
WordPress Mapster WP Maps Plugin < 1.2.36 is vulnerable to Cross Site Scripting (XSS)
Software Mapster WP Maps Type Plugin Vulnerable versions 1.2.36 Fixed in 1.2.36 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 42d3f06779ba Credits Rafie Muhammad Patchstack Requir...