exploitDog

GHSA-877p-v8mm-jqg9

Опубликовано: 08 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site.

The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site.

Ссылки

EPSS

Процентиль: 78%

0.01157

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-6627

CVSS3: 6.1

nvd

около 2 лет назад

The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site.

EPSS

Процентиль: 78%

0.01157

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79