Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
easy2map vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-7668
Cross-site scripting (XSS) vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin prior to 1.3.0 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the map_id parameter.
Easy2map Easy2map
9.8
CVSSv3
CVE-2015-7669
Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin prior to 1.3.0 for WordPress allow remote malicious users to include and execute arbitrary files via the csvfile parameter related to "uplo...
Easy2map Easy2map
NA
CVE-2015-4614
Multiple SQL injection vulnerabilities in includes/Function.php in the Easy2Map plugin prior to 1.2.5 for WordPress allow remote malicious users to execute arbitrary SQL commands via the mapName parameter in an e2m_img_save_map_name action to wp-admin/admin-ajax.php and other uns...
Easy2map Project Easy2map
1 EDB exploit
NA
CVE-2015-4616
Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin prior to 1.2.5 for WordPress allows remote malicious users to create arbitrary files via a .. (dot dot) in the map_id parameter.
Easy2map Project Easy2map
1 EDB exploit
9.8
CVSSv3
CVE-2015-4615
Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables
Easy2map Easy2map-photos 1.09
7.5
CVSSv3
CVE-2015-4617
Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.
Easy2map Easy2map-photos 1.09
9.8
CVSSv3
CVE-2015-10126
A vulnerability classified as critical was found in Easy2Map Photos Plugin 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The pat...
Steven Ellis Easy2map Photos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started