2 matches found
CVE-2015-4615
CVE-2015-4615 affects the Easy2Map-Photos WordPress Plugin (v1.0.9). The vulnerability is an SQL Injection via unsanitized inputs including mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML, and mapID, caused by non-parameterized SQL queries in Functions.php....
CVE-2015-4617
CVE-2015-4617 affects the WordPress plugin Easy2map-photos (v1.0.9) and concerns path traversal in MapPinImageUpload.php and MapPinIconSave.php, allowing files to be created outside the upload directory. The issue is triggered via file-name handling and is not due to a missing authentication vect...