MapPress Maps Pro < 2.53.9 - Remote Code Execution (RCE) due to Incorrect Access Control in AJAX Actions
CVE-2020-12077 MapPress Maps Pro < 2539 - Remote Code Execution (RCE) due to Incorrect Access Control in AJAX Actions Description The pro version of this plugin registers several AJAX actions that call functions which lack capability checks and nonce checks, specifically the ‘ajax_get’, ‘ajax_save’, and ‘ajax_delete’ functions in map