WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting

WordPress Supsystic Ultimate Maps plugin before 1.2.5 contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of the tab parameter on the options page before outputting it in an attribute. id: CVE-2021-24274 info: name: WordPress Supsystic Ultimate Ma...

CVE-2020-37242

Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parameter. Attackers can send crafted requests to the getListForTbl action with boolean-based blind or...

CVE-2020-37242

Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parameter. Attackers can send crafted requests to the getListForTbl action with boolean-based blind or...

CVE-2020-37242

Supsystic Ultimate Maps 1.1.12 (WordPress plugin) contains an SQL injection via the sidx GET parameter in the getListForTbl action. An unauthenticated attacker can send crafted requests to perform boolean-based blind or time-based blind SQL injection to extract data from the database. No remediat...

CVE-2020-37242

Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parameter. Attackers can send crafted requests to the getListForTbl action with boolean-based blind or...

PT-2026-41442

Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parameter. Attackers can send crafted requests to the getListForTbl action with boolean-based blind or...

WordPress plugin Supsystic Ultimate Maps SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress Ultimate Maps by Supsystic plugin < 1.2.16 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Mert Umut in WordPress Plugin Ultimate Maps by Supsystic versions 1.2.16...

EUVD-2021-11188

Malware in sbrugna...

EUVD-2024-29167

Malicious code in bioql PyPI...

EUVD-2023-58945

Malicious code in bioql PyPI...

CVE-2024-31271

Cross-Site Request Forgery CSRF vulnerability in Supsystic Ultimate Maps by Supsystic.This issue affects Ultimate Maps by Supsystic: from n/a through 1.2.16...

CVE-2023-6732

The Ultimate Maps by Supsystic WordPress plugin before 1.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2021-24274

The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue...

CVE-2024-31271

Cross-Site Request Forgery CSRF vulnerability in Supsystic Ultimate Maps by Supsystic.This issue affects Ultimate Maps by Supsystic: from n/a through 1.2.16...

CVE-2024-31271

CVE-2024-31271 is a CSRF vulnerability in the WordPress plugin Ultimate Maps by Supsystic, affecting versions up to 1.2.16. The CVSS v3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N with base score 4.3 (Medium). No exploit details are provided in the documents; exploitation status is n...

CVE-2024-31271 WordPress Ultimate Maps plugin <= 1.2.16 - Cross Site Request Forgery vulnerability

Cross-Site Request Forgery CSRF vulnerability in Supsystic Ultimate Maps by Supsystic.This issue affects Ultimate Maps by Supsystic: from n/a through 1.2.16...

WordPress Plugin Ultimate Maps by Supsystic 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Ultimate Maps by Supsystic...

PT-2024-23916 · Supsystic · Supsystic Ultimate Maps

Name of the Vulnerable Software and Affected Versions: Supsystic Ultimate Maps by Supsystic versions 1.2.16 and earlier Description: A Cross-Site Request Forgery CSRF issue has been identified. This type of issue allows an attacker to trick a user into performing unintended actions on a web...

WordPress Ultimate Maps plugin <= 1.2.16 - Cross Site Request Forgery vulnerability

Cross Site Request Forgery vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Ultimate Maps by Supsystic versions = 1.2.16...