Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-25600 | 2 Fedoraproject, Flippercode | 2 Fedora, Wp Google Map | 2022-04-18 | 6.8 MEDIUM | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). | |||||
CVE-2021-24502 | 1 Flippercode | 1 Wp Google Map | 2021-08-17 | 3.5 LOW | 4.8 MEDIUM |
The WP Google Map WordPress plugin before 1.7.7 did not sanitise or escape the Map Title before outputting them in the page, leading to a Stored Cross-Site Scripting issue by high privilege users, even when the unfiltered_html capability is disallowed | |||||
CVE-2021-24130 | 1 Flippercode | 1 Wp Google Map | 2021-03-24 | 6.5 MEDIUM | 7.2 HIGH |
Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user (admin+). |