) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:codecabin:wp_go_maps:8.0.16:*:*:*:pro:wordpress:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2022-47595 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15 versions. Published: March 14, 2023; 3:15:12 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2021-36871 |
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps Pro premium plugin (versions <= 8.1.11). Vulnerable parameters: &wpgmaps_marker_category_name, Value > &attributes[], Name > &attributes[], &icons[], &names[], &description, &link, &title. Published: September 09, 2021; 8:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2021-36870 |
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps plugin (versions <= 8.1.12). Vulnerable parameters: &dataset_name, &wpgmza_gdpr_retention_purpose, &wpgmza_gdpr_company_name, &name #2, &name, &polyname #2, &polyname, &address. Published: September 09, 2021; 8:15:09 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2021-24383 |
The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue Published: June 21, 2021; 4:15:09 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |