Easy2Map Project Easy2Map vulnerabilities
2 known vulnerabilities affecting easy2map_project/easy2map.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2015-4614P3HIGHCVSS 7.5PoC≤ 1.2.42015-07-08
CVE-2015-4614 [HIGH] CWE-89 CVE-2015-4614: Multiple SQL injection vulnerabilities in includes/Function.php in the Easy2Map plugin before 1.2.5
Multiple SQL injection vulnerabilities in includes/Function.php in the Easy2Map plugin before 1.2.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the mapName parameter in an e2m_img_save_map_name action to wp-admin/admin-ajax.php and other unspecified vectors.
nvd
CVE-2015-4616P3MEDIUMCVSS 5.0PoC≤ 1.2.42015-07-08
CVE-2015-4616 [MEDIUM] CWE-22 CVE-2015-4616: Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.2.
Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.2.5 for WordPress allows remote attackers to create arbitrary files via a .. (dot dot) in the map_id parameter.
nvd