WordPress Mapplic 6.1 SSRF / Cross Site Scripting

Title : Mapplic Wordpress Plugins Stored XSS Injection via SSRF Date : 22/03/2021 Author : Eagle Eye Vendor Homepage : https://mapplic.com/ Version Affected : 6.1 and below Tested on : Google Chrome XSS Vuln from add/edit Map and bypass with host raw.githubusercontent.com 1.Login as user 2.Add...