Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
codecabin wp go maps vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-10692
In the wp-google-maps plugin prior to 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.
Codecabin Wp Go Maps
4.3
CVSSv2
CVE-2019-9912
The wp-google-maps plugin prior to 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATH_INFO.
Codecabin Wp Go Maps
NA
CVE-2022-47595
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15 versions.
Codecabin Wp Go Maps
3.5
CVSSv2
CVE-2021-24383
The WP Google Maps WordPress plugin prior to 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue
Codecabin Wp Go Maps
3.5
CVSSv2
CVE-2019-14792
The WP Google Maps plugin prior to 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity parameter.
Codecabin Wp Go Maps
4.3
CVSSv2
CVE-2014-7182
Multiple cross-site scripting (XSS) vulnerabilities in the WP Google Maps plugin prior to 6.0.27 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the poly_id parameter in an (1) edit_poly, (2) edit_polyline, or (3) edit_marker action in the wp...
Codecabin Wp Go Maps
3.5
CVSSv2
CVE-2021-36870
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps plugin (versions <= 8.1.12). Vulnerable parameters: &dataset_name, &wpgmza_gdpr_retention_purpose, &wpgmza_gdpr_company_name, &name #2, &name, &poly...
Codecabin Wp Go Maps
NA
CVE-2023-6627
The WP Go Maps (formerly WP Google Maps) WordPress plugin prior to 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site.
Codecabin Wp Go Maps
3.5
CVSSv2
CVE-2021-36871
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps Pro premium plugin (versions <= 8.1.11). Vulnerable parameters: &wpgmaps_marker_category_name, Value > &attributes[], Name > &attributes[], &icons[], ...
Codecabin Wp Go Maps
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started