CVE-2021-24468

The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues...

Leaflet Map < 3.0.0 - Contributor+ Stored XSS

The plugin does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues Most of the shortcode attributes are not escaped, so these are just one of them: leaflet-map...

WordPress Plugin WordPress File Upload Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Iptanus WordPress File Upload plugin is used in one of the file upload plugin. A security vulnerability exists in...

CVE-2018-9172

The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes...

Default credentials

The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes...

CVE-2018-9172

The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes...