The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATH_INFO.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2019/Mar/41 | Mailing List Third Party Advisory |
https://lists.openwall.net/full-disclosure/2019/02/05/13 | Exploit Mailing List Third Party Advisory |
https://security-consulting.icu/blog/2019/02/wordpress-wpgooglemaps-xss/ | Exploit Third Party Advisory |
Configurations
History
26 May 2023, 15:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:codecabin:wp_go_maps:*:*:*:*:*:wordpress:*:* | |
First Time |
Codecabin wp Go Maps
Codecabin |
|
References | (FULLDISC) http://seclists.org/fulldisclosure/2019/Mar/41 - Mailing List, Third Party Advisory |
Information
Published : 2019-03-22 00:29
Updated : 2024-02-28 17:08
NVD link : CVE-2019-9912
Mitre link : CVE-2019-9912
CVE.ORG link : CVE-2019-9912
JSON object : View
Products Affected
codecabin
- wp_go_maps
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')