Vulnerabilites related to mappresspro - mappress
cve-2022-0208
Vulnerability from cvelistv5
Published
2022-02-14 09:21
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the "Bad mapid" error message, leading to a Reflected Cross-Site Scripting
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | MapPress Maps for WordPress |
Version: 2.73.4 < 2.73.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:18:42.553Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MapPress Maps for WordPress", vendor: "Unknown", versions: [ { lessThan: "2.73.4", status: "affected", version: "2.73.4", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Krzysztof Zając", }, ], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the \"Bad mapid\" error message, leading to a Reflected Cross-Site Scripting", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-14T09:21:07", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc", }, ], source: { discovery: "EXTERNAL", }, title: "MapPress Maps for WordPress < 2.73.4 - Reflected Cross-Site scripting", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2022-0208", STATE: "PUBLIC", TITLE: "MapPress Maps for WordPress < 2.73.4 - Reflected Cross-Site scripting", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MapPress Maps for WordPress", version: { version_data: [ { version_affected: "<", version_name: "2.73.4", version_value: "2.73.4", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "Krzysztof Zając", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the \"Bad mapid\" error message, leading to a Reflected Cross-Site Scripting", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc", refsource: "MISC", url: "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2022-0208", datePublished: "2022-02-14T09:21:07", dateReserved: "2022-01-12T00:00:00", dateUpdated: "2024-08-02T23:18:42.553Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-4840
Vulnerability from cvelistv5
Published
2023-09-12 01:52
Modified
2025-02-05 19:29
Severity ?
EPSS score ?
Summary
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'mappress' shortcode in versions up to, and including, 2.88.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chrisvrichardson | MapPress Maps for WordPress |
Version: * ≤ 2.88.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:38:00.860Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3d2c9a4-32f7-484f-86ce-a33ef1174b28?source=cve", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.4/mappress_map.php#L381", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.5/mappress.php?rev=2965022#L919", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-4840", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-05T18:26:48.423280Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-05T19:29:54.077Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "MapPress Maps for WordPress", vendor: "chrisvrichardson", versions: [ { lessThanOrEqual: "2.88.4", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Lana Codes", }, ], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'mappress' shortcode in versions up to, and including, 2.88.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-12T01:52:13.337Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3d2c9a4-32f7-484f-86ce-a33ef1174b28?source=cve", }, { url: "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.4/mappress_map.php#L381", }, { url: "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.5/mappress.php?rev=2965022#L919", }, ], timeline: [ { lang: "en", time: "2023-09-06T00:00:00.000+00:00", value: "Discovered", }, { lang: "en", time: "2023-09-06T00:00:00.000+00:00", value: "Vendor Notified", }, { lang: "en", time: "2023-09-11T00:00:00.000+00:00", value: "Disclosed", }, ], }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2023-4840", datePublished: "2023-09-12T01:52:13.337Z", dateReserved: "2023-09-08T13:20:16.453Z", dateUpdated: "2025-02-05T19:29:54.077Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6524
Vulnerability from cvelistv5
Published
2024-01-03 05:31
Modified
2024-08-02 08:35
Severity ?
EPSS score ?
Summary
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the map title parameter in all versions up to and including 2.88.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chrisvrichardson | MapPress Maps for WordPress |
Version: * ≤ 2.88.13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:35:13.596Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/28a8f025-c2ab-4a5f-a99e-a2d19b14a190?source=cve", }, { tags: [ "x_transferred", ], url: "https://advisory.abay.sh/cve-2023-6524", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3015598%40mappress-google-maps-for-wordpress%2Ftrunk&old=3001436%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "MapPress Maps for WordPress", vendor: "chrisvrichardson", versions: [ { lessThanOrEqual: "2.88.13", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Akbar Kustirama", }, ], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the map title parameter in all versions up to and including 2.88.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-29T18:43:15.271Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/28a8f025-c2ab-4a5f-a99e-a2d19b14a190?source=cve", }, { url: "https://advisory.abay.sh/cve-2023-6524", }, { url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3015598%40mappress-google-maps-for-wordpress%2Ftrunk&old=3001436%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=", }, ], timeline: [ { lang: "en", time: "2023-12-04T00:00:00.000+00:00", value: "Discovered", }, { lang: "en", time: "2024-01-02T00:00:00.000+00:00", value: "Disclosed", }, ], }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2023-6524", datePublished: "2024-01-03T05:31:17.918Z", dateReserved: "2023-12-05T14:17:05.556Z", dateUpdated: "2024-08-02T08:35:13.596Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12077
Vulnerability from cvelistv5
Published
2020-04-23 02:20
Modified
2024-08-04 11:48
Severity ?
EPSS score ?
Summary
The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:48:58.340Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-23T13:12:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { tags: [ "x_refsource_MISC", ], url: "https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-12077", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { name: "https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/", refsource: "MISC", url: "https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12077", datePublished: "2020-04-23T02:20:46", dateReserved: "2020-04-23T00:00:00", dateUpdated: "2024-08-04T11:48:58.340Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-7225
Vulnerability from cvelistv5
Published
2024-01-30 07:34
Modified
2024-08-02 08:57
Severity ?
EPSS score ?
Summary
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the width and height parameters in all versions up to, and including, 2.88.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chrisvrichardson | MapPress Maps for WordPress |
Version: * ≤ 2.88.16 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.352Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/fce76126-0cfd-464f-b644-45d4301e958d?source=cve", }, { tags: [ "x_transferred", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023266%40mappress-google-maps-for-wordpress%2Ftrunk&old=3022439%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=", }, { tags: [ "x_transferred", ], url: "https://advisory.abay.sh/cve-2023-7225/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "MapPress Maps for WordPress", vendor: "chrisvrichardson", versions: [ { lessThanOrEqual: "2.88.16", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Akbar Kustirama", }, ], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the width and height parameters in all versions up to, and including, 2.88.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-30T07:34:38.783Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/fce76126-0cfd-464f-b644-45d4301e958d?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023266%40mappress-google-maps-for-wordpress%2Ftrunk&old=3022439%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=", }, { url: "https://advisory.abay.sh/cve-2023-7225/", }, ], timeline: [ { lang: "en", time: "2024-01-29T00:00:00.000+00:00", value: "Disclosed", }, ], }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2023-7225", datePublished: "2024-01-30T07:34:38.783Z", dateReserved: "2024-01-09T15:01:08.793Z", dateUpdated: "2024-08-02T08:57:35.352Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-10715
Vulnerability from cvelistv5
Published
2024-11-06 11:00
Modified
2024-11-06 11:28
Severity ?
EPSS score ?
Summary
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map block in all versions up to, and including, 2.94.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chrisvrichardson | MapPress Maps for WordPress |
Version: * ≤ 2.94.1 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-10715", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-06T11:28:23.946410Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-06T11:28:41.670Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "MapPress Maps for WordPress", vendor: "chrisvrichardson", versions: [ { lessThanOrEqual: "2.94.1", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Akbar Kustirama", }, ], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map block in all versions up to, and including, 2.94.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-06T11:00:29.115Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/8d966924-aeab-4397-9555-78291af70efe?source=cve", }, { url: "https://plugins.trac.wordpress.org/changeset/3180900/mappress-google-maps-for-wordpress", }, ], timeline: [ { lang: "en", time: "2024-11-01T00:00:00.000+00:00", value: "Vendor Notified", }, { lang: "en", time: "2024-11-05T00:00:00.000+00:00", value: "Disclosed", }, ], title: "MapPress Maps for WordPress <= 2.94.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Map Block", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-10715", datePublished: "2024-11-06T11:00:29.115Z", dateReserved: "2024-11-01T22:10:04.099Z", dateUpdated: "2024-11-06T11:28:41.670Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-12675
Vulnerability from cvelistv5
Published
2020-05-29 15:52
Modified
2024-08-04 12:04
Severity ?
EPSS score ?
Summary
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:04:22.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.alertlogic.com/alert-logic-threat-research-team-identifies-new-vulnerability-cve-2020-12675-in-mappress-plugin-for-wordpress/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-29T15:52:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.alertlogic.com/alert-logic-threat-research-team-identifies-new-vulnerability-cve-2020-12675-in-mappress-plugin-for-wordpress/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-12675", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", refsource: "MISC", url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { name: "https://blog.alertlogic.com/alert-logic-threat-research-team-identifies-new-vulnerability-cve-2020-12675-in-mappress-plugin-for-wordpress/", refsource: "MISC", url: "https://blog.alertlogic.com/alert-logic-threat-research-team-identifies-new-vulnerability-cve-2020-12675-in-mappress-plugin-for-wordpress/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-12675", datePublished: "2020-05-29T15:52:06", dateReserved: "2020-05-06T00:00:00", dateUpdated: "2024-08-04T12:04:22.558Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-26015
Vulnerability from cvelistv5
Published
2023-11-03 12:40
Modified
2025-02-19 21:23
Severity ?
EPSS score ?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Injection.This issue affects MapPress Maps for WordPress: from n/a through 2.85.4.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Chris Richardson | MapPress Maps for WordPress |
Version: n/a < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:39:06.641Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vdb-entry", "x_transferred", ], url: "https://patchstack.com/database/vulnerability/mappress-google-maps-for-wordpress/wordpress-mappress-maps-for-wordpress-plugin-2-85-4-authenticated-sql-injection-vulnerability?_s_id=cve", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-26015", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-19T21:12:04.055757Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-19T21:23:47.242Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://wordpress.org/plugins", defaultStatus: "unaffected", packageName: "mappress-google-maps-for-wordpress", product: "MapPress Maps for WordPress", vendor: "Chris Richardson", versions: [ { changes: [ { at: "2.85.5", status: "unaffected", }, ], lessThanOrEqual: "2.85.4", status: "affected", version: "n/a", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Rafie Muhammad (Patchstack)", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Injection.<p>This issue affects MapPress Maps for WordPress: from n/a through 2.85.4.</p>", }, ], value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Injection.This issue affects MapPress Maps for WordPress: from n/a through 2.85.4.\n\n", }, ], impacts: [ { capecId: "CAPEC-66", descriptions: [ { lang: "en", value: "CAPEC-66 SQL Injection", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-03T12:40:00.660Z", orgId: "21595511-bba5-4825-b968-b78d1f9984a3", shortName: "Patchstack", }, references: [ { tags: [ "vdb-entry", ], url: "https://patchstack.com/database/vulnerability/mappress-google-maps-for-wordpress/wordpress-mappress-maps-for-wordpress-plugin-2-85-4-authenticated-sql-injection-vulnerability?_s_id=cve", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Update to 2.85.5 or a higher version.", }, ], value: "Update to 2.85.5 or a higher version.", }, ], source: { discovery: "EXTERNAL", }, title: "WordPress MapPress Maps for WordPress Plugin <= 2.85.4 is vulnerable to SQL Injection", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3", assignerShortName: "Patchstack", cveId: "CVE-2023-26015", datePublished: "2023-11-03T12:40:00.660Z", dateReserved: "2023-02-17T14:26:06.170Z", dateUpdated: "2025-02-19T21:23:47.242Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0537
Vulnerability from cvelistv5
Published
2022-04-04 15:35
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the "ajax_save" function. The file is written relative to the current 's stylesheet directory, and a .php file extension is added. No validation is performed on the content of the file, triggering an RCE vulnerability by uploading a web shell. Further the name parameter is not sanitized, allowing the payload to be uploaded to any directory to which the server has write access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | MapPress Maps for WordPress |
Version: 2.73.13 < 2.73.13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:46.208Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "MapPress Maps for WordPress", vendor: "Unknown", versions: [ { lessThan: "2.73.13", status: "affected", version: "2.73.13", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "qerogram", }, ], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the \"ajax_save\" function. The file is written relative to the current 's stylesheet directory, and a .php file extension is added. No validation is performed on the content of the file, triggering an RCE vulnerability by uploading a web shell. Further the name parameter is not sanitized, allowing the payload to be uploaded to any directory to which the server has write access.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-434", description: "CWE-434 Unrestricted Upload of File with Dangerous Type", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-04T15:35:46", orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", shortName: "WPScan", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367", }, ], source: { discovery: "EXTERNAL", }, title: "MapPress Maps for WordPress < 2.73.13 - Admin+ File Upload to Remote Code Execution", x_generator: "WPScan CVE Generator", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "contact@wpscan.com", ID: "CVE-2022-0537", STATE: "PUBLIC", TITLE: "MapPress Maps for WordPress < 2.73.13 - Admin+ File Upload to Remote Code Execution", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "MapPress Maps for WordPress", version: { version_data: [ { version_affected: "<", version_name: "2.73.13", version_value: "2.73.13", }, ], }, }, ], }, vendor_name: "Unknown", }, ], }, }, credit: [ { lang: "eng", value: "qerogram", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the \"ajax_save\" function. The file is written relative to the current 's stylesheet directory, and a .php file extension is added. No validation is performed on the content of the file, triggering an RCE vulnerability by uploading a web shell. Further the name parameter is not sanitized, allowing the payload to be uploaded to any directory to which the server has write access.", }, ], }, generator: "WPScan CVE Generator", problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-434 Unrestricted Upload of File with Dangerous Type", }, ], }, ], }, references: { reference_data: [ { name: "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367", refsource: "MISC", url: "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", assignerShortName: "WPScan", cveId: "CVE-2022-0537", datePublished: "2022-04-04T15:35:46", dateReserved: "2022-02-08T00:00:00", dateUpdated: "2024-08-02T23:32:46.208Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2023-11-03 13:15
Modified
2025-02-19 22:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Injection.This issue affects MapPress Maps for WordPress: from n/a through 2.85.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "96FE545B-ED47-4254-B314-1748726AE353", versionEndIncluding: "2.85.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Injection.This issue affects MapPress Maps for WordPress: from n/a through 2.85.4.\n\n", }, { lang: "es", value: "Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('Inyección SQL') en Chris Richardson MapPress Maps para WordPress mappress-google-maps-for-wordpress permite la inyección SQL. Este problema afecta a MapPress Maps para WordPress: desde n/a hasta 2.85.4.", }, ], id: "CVE-2023-26015", lastModified: "2025-02-19T22:15:14.960", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-11-03T13:15:08.647", references: [ { source: "audit@patchstack.com", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/mappress-google-maps-for-wordpress/wordpress-mappress-maps-for-wordpress-plugin-2-85-4-authenticated-sql-injection-vulnerability?_s_id=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://patchstack.com/database/vulnerability/mappress-google-maps-for-wordpress/wordpress-mappress-maps-for-wordpress-plugin-2-85-4-authenticated-sql-injection-vulnerability?_s_id=cve", }, ], sourceIdentifier: "audit@patchstack.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "audit@patchstack.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-12 02:15
Modified
2024-11-21 08:36
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'mappress' shortcode in versions up to, and including, 2.88.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "8B8CB438-6C9C-4D65-9FD6-0E794E2542D6", versionEndIncluding: "2.88.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'mappress' shortcode in versions up to, and including, 2.88.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "El complemento MapPress Maps de WordPress para WordPress es vulnerable a Cross-Site Scripting almacenado a través de código corto 'mappress' en versiones hasta 2.88.4 incluida, debido a la insuficiente sanitización de entrada y salida que escapa en los atributos proporcionados por el usuario. Esto hace posible que los atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.", }, ], id: "CVE-2023-4840", lastModified: "2024-11-21T08:36:04.980", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-12T02:15:13.360", references: [ { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.4/mappress_map.php#L381", }, { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.5/mappress.php?rev=2965022#L919", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3d2c9a4-32f7-484f-86ce-a33ef1174b28?source=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.4/mappress_map.php#L381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.5/mappress.php?rev=2965022#L919", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3d2c9a4-32f7-484f-86ce-a33ef1174b28?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Modified", }
Vulnerability from fkie_nvd
Published
2024-01-03 06:15
Modified
2024-11-21 08:44
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the map title parameter in all versions up to and including 2.88.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:free:wordpress:*:*", matchCriteriaId: "7BE420A3-6D46-44C0-9AD0-F630AF0D88FA", versionEndExcluding: "2.88.14", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the map title parameter in all versions up to and including 2.88.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "MapPress Maps for WordPress plugin for WordPress es vulnerable a cross site scripting almacenado a través del parámetro map title en todas las versiones hasta la 2.88.13 inclusive debido a una sanitización de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados con acceso de colaborador o superior inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.", }, ], id: "CVE-2023-6524", lastModified: "2024-11-21T08:44:01.677", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-03T06:15:47.120", references: [ { source: "security@wordfence.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://advisory.abay.sh/cve-2023-6524", }, { source: "security@wordfence.com", tags: [ "Product", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3015598%40mappress-google-maps-for-wordpress%2Ftrunk&old=3001436%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/28a8f025-c2ab-4a5f-a99e-a2d19b14a190?source=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://advisory.abay.sh/cve-2023-6524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3015598%40mappress-google-maps-for-wordpress%2Ftrunk&old=3001436%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/28a8f025-c2ab-4a5f-a99e-a2d19b14a190?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-30 08:15
Modified
2024-11-21 08:45
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the width and height parameters in all versions up to, and including, 2.88.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "C544F4BE-0227-4AEF-A6A9-F9C0970AE265", versionEndIncluding: "2.88.16", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the width and height parameters in all versions up to, and including, 2.88.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "El complemento MapPress Maps for WordPress para WordPress es vulnerable a Cross-Site Scripting Almacenado a través de los parámetros de ancho y alto en todas las versiones hasta la 2.88.16 incluida debido a una sanitización de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de colaborador y superior, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.", }, ], id: "CVE-2023-7225", lastModified: "2024-11-21T08:45:33.493", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-30T08:15:40.090", references: [ { source: "security@wordfence.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://advisory.abay.sh/cve-2023-7225/", }, { source: "security@wordfence.com", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023266%40mappress-google-maps-for-wordpress%2Ftrunk&old=3022439%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/fce76126-0cfd-464f-b644-45d4301e958d?source=cve", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://advisory.abay.sh/cve-2023-7225/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023266%40mappress-google-maps-for-wordpress%2Ftrunk&old=3022439%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/fce76126-0cfd-464f-b644-45d4301e958d?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-06 11:15
Modified
2024-11-08 20:25
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map block in all versions up to, and including, 2.94.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:free:wordpress:*:*", matchCriteriaId: "A9E0327F-A277-4109-ACDE-DDB7EFF491AA", versionEndExcluding: "2.94.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map block in all versions up to, and including, 2.94.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", }, { lang: "es", value: "El complemento MapPress Maps for WordPress para WordPress es vulnerable a cross-site scripting almacenado a través del bloque Map del complemento en todas las versiones hasta la 2.94.1 incluida, debido a una desinfección de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.", }, ], id: "CVE-2024-10715", lastModified: "2024-11-08T20:25:37.380", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 2.7, source: "security@wordfence.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-06T11:15:03.353", references: [ { source: "security@wordfence.com", tags: [ "Product", ], url: "https://plugins.trac.wordpress.org/changeset/3180900/mappress-google-maps-for-wordpress", }, { source: "security@wordfence.com", tags: [ "Third Party Advisory", ], url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/8d966924-aeab-4397-9555-78291af70efe?source=cve", }, ], sourceIdentifier: "security@wordfence.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@wordfence.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-14 12:15
Modified
2024-11-21 06:38
Severity ?
Summary
The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the "Bad mapid" error message, leading to a Reflected Cross-Site Scripting
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "F3A6A391-6E3A-4E1F-821E-287A59296A4B", versionEndExcluding: "2.73.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the \"Bad mapid\" error message, leading to a Reflected Cross-Site Scripting", }, { lang: "es", value: "El plugin MapPress Maps para WordPress versiones anteriores a 2.73.4, no sanea y escapa del parámetro mapid antes de devolverlo en el mensaje de error \"Bad mapid\", conllevando a un problema de tipo Cross-Site Scripting Reflejado", }, ], id: "CVE-2022-0208", lastModified: "2024-11-21T06:38:08.617", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-14T12:15:16.500", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "contact@wpscan.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-04 16:15
Modified
2024-11-21 06:38
Severity ?
Summary
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the "ajax_save" function. The file is written relative to the current 's stylesheet directory, and a .php file extension is added. No validation is performed on the content of the file, triggering an RCE vulnerability by uploading a web shell. Further the name parameter is not sanitized, allowing the payload to be uploaded to any directory to which the server has write access.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "0DDE48BD-889C-4141-AAAA-E35BBEC25DC1", versionEndExcluding: "2.73.13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the \"ajax_save\" function. The file is written relative to the current 's stylesheet directory, and a .php file extension is added. No validation is performed on the content of the file, triggering an RCE vulnerability by uploading a web shell. Further the name parameter is not sanitized, allowing the payload to be uploaded to any directory to which the server has write access.", }, { lang: "es", value: "El plugin MapPress Maps para WordPress versiones anteriores a 2.73.13, permite a un usuario con altos privilegios omitir las configuraciones DISALLOW_FILE_EDIT y DISALLOW_FILE_MODS y subir archivos arbitrarios al sitio mediante la función \"ajax_save\". El archivo es escrito en relación con el directorio de la hoja de estilo actual, y es añadida una extensión de archivo .php. No es llevada a cabo ninguna comprobación del contenido del archivo, desencadenando una vulnerabilidad de tipo RCE al subir un shell web. Además, el parámetro de nombre no está saneado, permitiendo que la carga útil sea cargada en cualquier directorio al que el servidor tenga acceso de escritura", }, ], id: "CVE-2022-0537", lastModified: "2024-11-21T06:38:52.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-04T16:15:09.363", references: [ { source: "contact@wpscan.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367", }, ], sourceIdentifier: "contact@wpscan.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "contact@wpscan.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-23 03:15
Modified
2024-11-21 04:59
Severity ?
Summary
The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "539F0D67-BBF7-4E43-A941-CB597373F8A0", versionEndExcluding: "2.53.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution.", }, { lang: "es", value: "El plugin mappress-google-maps-for-wordpress en versiones anteriores a la 2.53.9 para Wordpress no implementa correctamente las funciones AJAX con nonces (o controles de capacidad), lo que conduce a la ejecución de código remoto.", }, ], id: "CVE-2020-12077", lastModified: "2024-11-21T04:59:13.787", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-23T03:15:10.887", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.wordfence.com/blog/2020/04/critical-vulnerabilities-patched-in-mappress-maps-plugin/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-29 16:15
Modified
2024-11-21 05:00
Severity ?
Summary
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mappresspro | mappress | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*", matchCriteriaId: "DCD3629B-E7A4-4460-923A-C79B84449395", versionEndExcluding: "2.54.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077.", }, { lang: "es", value: "El plugin mappress-google-maps-for-wordpress versiones anteriores a 2.54.6 para WordPress, no implementa correctamente las comprobaciones de capacidad para las funcionalidades AJAX relacionadas con la creación/recuperación/eliminación de archivos de plantillas PHP, conllevando a una Ejecución de Código Remota. NOTA: este problema se presenta debido a una corrección incompleta para CVE-2020-12077.", }, ], id: "CVE-2020-12675", lastModified: "2024-11-21T05:00:03.023", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-29T16:15:10.087", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.alertlogic.com/alert-logic-threat-research-team-identifies-new-vulnerability-cve-2020-12675-in-mappress-plugin-for-wordpress/", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.alertlogic.com/alert-logic-threat-research-team-identifies-new-vulnerability-cve-2020-12675-in-mappress-plugin-for-wordpress/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://wordpress.org/plugins/mappress-google-maps-for-wordpress/#developers", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }