CVE-2024-5994

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Custom JS option in versions up to, and including, 9.0.38. This makes it possible for authenticated attackers that have been explicitly granted permissions by an administrator, with...

CVE-2024-5994

CVE-2024-5994 affects the WP Go Maps (formerly WP Google Maps) WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) via the Custom JS option in versions up to 9.0.38. It allows authenticated users with contributor-level permissions and above (granted by an administrator) to ...

CVE-2024-5994 WP Go Maps (formerly WP Google Maps) <= 9.0.38 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Custom JS option in versions up to, and including, 9.0.38. This makes it possible for authenticated attackers that have been explicitly granted permissions by an administrator, with...

WordPress WP Go Maps Plugin <= 9.0.38 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.38 Fixed in 9.0.39 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5994 Patch priority Low CVSS severity Low 6.5 Developer WP Go Maps PSID a11d12da516d Credits Tim Coen Required privilege...