5.4CVSS
6.7AI Score
0.0005EPSS
The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mapsmarker' shortcode in all versions up to, and including, 3.12.8 due to insufficient input sanitization and output escaping on user supplied...
6.4CVSS
5.7AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in 闪电博 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 plugin <= 4.2.7...
8.8CVSS
8.7AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in dan009 WP Bing Map Pro plugin < 5.0...
8.8CVSS
8.8AI Score
0.001EPSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Himanshu Bing Site Verification plugin using Meta Tag plugin <= 1.0...
5.9CVSS
4.8AI Score
0.0005EPSS
The Leaflet Maps Marker WordPress plugin before 3.12.7 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting...
5.4CVSS
5.3AI Score
0.001EPSS
The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection...
7.2CVSS
7.2AI Score
0.001EPSS
The fetch_product_ajax functionality in the Product Feed on WooCommerce WordPress plugin before 3.3.1.0 uses a product_id POST parameter which is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.2AI Score
0.001EPSS
4.7CVSS
5AI Score
0.001EPSS
A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content, aka 'Microsoft Bing Search Spoofing...
6.5CVSS
6.8AI Score
0.002EPSS
The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install arbitrary APK files via vectors involving a crafted DNS...
6.8AI Score
0.026EPSS
Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr...
8.3AI Score
0.008EPSS