Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Codecabin Security Vulnerabilities

cve
cve

CVE-2023-6627

The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the...

6.1CVSS

6.4AI Score

0.0005EPSS

2024-01-08 07:15 PM
29
cve
cve

CVE-2022-47595

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15...

6.5CVSS

6.3AI Score

0.001EPSS

2023-03-14 07:15 AM
24
cve
cve

CVE-2019-9912

The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php...

6.1CVSS

6AI Score

0.001EPSS

2019-03-22 12:29 AM
31
cve
cve

CVE-2014-7182

Multiple cross-site scripting (XSS) vulnerabilities in the WP Google Maps plugin before 6.0.27 for WordPress allow remote attackers to inject arbitrary web script or HTML via the poly_id parameter in an (1) edit_poly, (2) edit_polyline, or (3) edit_marker action in the wp-google-maps-menu page to.....

5.9AI Score

0.003EPSS

2014-10-22 02:55 PM
24
cve
cve

CVE-2017-2187

Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified...

6.1CVSS

6AI Score

0.001EPSS

2017-06-09 04:29 PM
28
2
cve
cve

CVE-2021-36870

Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps plugin (versions <= 8.1.12). Vulnerable parameters: &dataset_name, &wpgmza_gdpr_retention_purpose, &wpgmza_gdpr_company_name, &name #2, &name, &polyname #2, &polyname,...

5.5CVSS

5.4AI Score

0.0004EPSS

2021-09-09 12:15 PM
25
cve
cve

CVE-2019-14792

The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity...

5.4CVSS

5.2AI Score

0.001EPSS

2019-08-09 01:15 PM
33
cve
cve

CVE-2019-10692

In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT...

9.8CVSS

9.2AI Score

0.973EPSS

2019-04-02 06:30 PM
103
cve
cve

CVE-2021-24383

The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting...

5.4CVSS

5.1AI Score

0.001EPSS

2021-06-21 08:15 PM
75
2
cve
cve

CVE-2021-36871

Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps Pro premium plugin (versions <= 8.1.11). Vulnerable parameters: &wpgmaps_marker_category_name, Value > &attributes[], Name > &attributes[], &icons[], &names[], &description, &link,...

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-09 12:15 PM
22