VYPR

Easy2map Photos Wordpress Plugin

by Steven Ellis

CVEs (2)

  • CVE-2015-4615CriFeb 15, 2019
    risk 0.64cvss 9.8epss 0.02

    Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables

  • CVE-2015-4617HigFeb 15, 2019
    risk 0.49cvss 7.5epss 0.02

    Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.