VYPR

Google Map Shortcode

by WordPress

CVEs (5)

  • CVE-2024-10621MedNov 8, 2024
    risk 0.42cvss 6.4epss 0.00

    The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pw_map shortcode in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…

  • CVE-2023-38396Oct 3, 2023
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez plugin <= 3.1.2 versions.

  • CVE-2023-35772Jun 19, 2023
    risk 0.00cvss epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alain Gonzalez Google Map Shortcode plugin <= 3.1.2 versions.

  • CVE-2023-2899Jun 19, 2023
    risk 0.00cvss epss 0.00

    The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be…

  • CVE-2023-23827Apr 23, 2023
    risk 0.00cvss epss 0.00

    Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Google Maps v3 Shortcode plugin <= 1.2.1 versions.