Mappresspro Mappress Maps For Wordpress vulnerabilities
2 known vulnerabilities affecting mappresspro/mappress_maps_for_wordpress.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-0420MEDIUMCVSS 5.4fixed in 2.88.152024-02-12
CVE-2024-0420 [MEDIUM] CWE-79 CVE-2024-0420: The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title whe
The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title when outputting it back in the admin dashboard, allowing Contributors and above roles to perform Stored Cross-Site Scripting attacks
nvd
CVE-2024-0421MEDIUMCVSS 5.3fixed in 2.88.162024-02-12
CVE-2024-0421 [MEDIUM] CWE-639 CVE-2024-0421: The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure t
The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts.
nvd